Launched in December 2004, the Payment Card Industry Data Security Standard â known as PCI DSS â is comprised of 12 data security requirements designed to protect sensitive information from being compromised.
These requirements, which also include numerous sub-requirements, are applicable to all businesses that store, process, or transmit cardholder information.
âThe protection of consumer information is one of the most important â if not the most important â issue for state agencies. As a government entity, we must lead by example if we expect business and organizations to adhere to our laws that mandate the security of consumer information,â said Robert L. Powell, State Controller of North Carolina.
To meet stringent security requirements of credit card associations, the North Carolina Office of the State Controller is mandating PCI DSS compliance for the following:
â¢ Common Payment Services application â The stateâs proprietary payment application, which is a payment gateway available for use by the stateâs entities to process transactions.
â¢ All state agencies, universities, community colleges, and local governments that participate under the Stateâs Master Services Agreement with SunTrust Merchant Services.
AmbironTrustWave will deliver the PCI DSS compliance solutions for the State of North Carolina entities and monitor their compliance on a regular basis through the TrustKeeperÂ® compliance management solution.
âAs providers of numerous services, state governments have a responsibility to ensure the protection of their citizensâ personal information. We are pleased to be working with the North Carolina Office of the State Controller as they continue to be early adopters of information security control policies and technologies,â said
Robert J. McCullen, CEO of AmbironTrustWave.