cybersecurity

Does your Business Process Payment Cards?

2018-10-09T17:43:30+00:00

If your business processes, stores, or houses credit, debit, or gift card data, then it likely must comply with the Payment Card Industry-Data Security Standard (PCI-DSS), which contains 12 requirements. They are listed here.

Often businesses incorrectly assume the PCI-DSS only pertains to the processing of payment cards via a computer but this is not the case. It is applicable in all types of commerce involving Card Holder Data (CHD).

To be clear, CHD includes the following information: the Primary Account Number, Card Holder Name, Expiration Date and Service Code.

While processing payment card transactions, if an employee writes down CHD on paper then transmits CHD via email, text message or voicemail, your business must properly secure your expanded CHD environment in order to comply with PCI-DSS.

If you have questions regarding your CHD Environment, HBK can perform a gap analysis to identify any shortfalls that your business may have relating to the PCI-DSS requirements.

HBK can assist you with cyber security topics or questions. Please contact Matt Schiavone at mschiavone@hbkcpa.com, Bill Heaven at wheaven@hbkcpa.com, or Steve Franckhauser at sfranckhauser@hbkcpa.com for assistance.

About the Author(s)

Established in 1949, HBK serves clients ranging from individuals to small businesses to multi-million dollar corporations across the United States through our office locations in Ohio, Pennsylvania, Florida, and New Jersey. We specialize in a wide variety of tax, accounting, assurance, and business consulting services which can help you achieve all of your personal and business goals.

Hill, Barth & King LLC has prepared this material for informational purposes only. Any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or under any state or local tax law or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein. Please do not hesitate to contact us if you have any questions regarding the matter.

RECOMMENDED ARTICLES