Payment Card Industry Data Security Standard. For e-commerce business and/or credit card transactions, Supplier agrees to be bound by the requirements and terms of the Rules of all applicable Card Associations, as amended from time to time, and be solely responsible for security and maintaining confidentiality of Card transactions processed by means of electronic commerce up to the point of receipt of such transactions by Bank. Proposer is required to be in compliance with the requisites of the SAS 70 and/or Payment card Industry Data Security Standard.
Payment Card Industry Data Security Standard. For e-commerce business and/or payment card transactions, Vendor will comply with the requirements and terms of the rules of all applicable payment card industry associations or organizations, as amended from time to time (PCI Security Standards), and be solely responsible for security and maintaining confidentiality of payment card transactions processed by means of electronic commerce up to the point of receipt of such transactions by a qualified financial institution. Vendor will, at all times during the term of this Agreement, be in compliance with the then current standard for Payment Card Industry Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS) for software, and PIN Transaction Security (PCI PTS) for hardware. Vendor will provide attestation of compliance to UA annually by delivering to UA current copies of the following: (i) Vendor’s “Attestation of Compliance for Onsite Assessments – Service Providers;” (ii) an attestation that all UA locations are being processed and secured in the same manner as those in Vendor’s “PCI Report on Compliance;” and (iii) a copy of Vendor’s PCI Report on Compliance cover letter. Vendor will notify University immediately if Entity becomes non-compliant, and of the occurrence of any security incidents (including information disclosure incidents, network intrusions, successful virus attacks, unauthorized access or modifications, and threats and vulnerabilities) in accordance with the ISPA. Vendor’s services must include the following:
Payment Card Industry Data Security Standard. Neither Company nor any of their Subsidiaries has received notice from any credit card company or credit card processor that (a) either Company or any Subsidiary is not in compliance with the applicable guidelines and standards established by the Payment Card Industry Data Security Standards (“PCI DSS”) or
Payment Card Industry Data Security Standard. 23.1 University requires that Contractor shall at all times maintain compliance with the most current Payment Card Industry Data Security Standards (PCI DSS). Contractor will be required to provide written confirmation of compliance. Contractor acknowledges responsibility for the security of cardholder data as defined within the PCI DSS. Contractor acknowledges and agrees that cardholder data may only be used for completing the contracted services as described in the full text of this document, or as required by the PCI DSS, or as required by applicable law. Similarly, Contractor should be prepared to demonstrate the compliance of any third party it has sub- contracted as part of the service offering. As evidence of compliance, Contractor shall provide upon request a current attestation of compliance signed by a PCI QSA (Qualified Security Assessor).
Payment Card Industry Data Security Standard. The Authority utilizes systems and networks that store, process, and/or transmit cardholder data as defined by the Payment Card Industry (PCI) Security Standards Council (Cardholder Data). As such, these systems, networks, and procedures are required to comply with the PCI Data Security Standard (PCI DSS). The Contractor shall comply with the PCI DSS requirements for such systems and acknowledges that the Contractor is responsible for the security of cardholder data handled by the Contractor. The Authority and the Contractor shall meet to identify the specific systems and networks that store, process and/or transmit cardholder data to determine the desired actions and identify responsibilities as applicable to the PCI DSS requirement areas.
Payment Card Industry Data Security Standard. Contractor shall comply with the Payment Card Industry Data Security Standard as outlined in Exhibit D, which is incorporated by this reference and made a part hereof.
Payment Card Industry Data Security Standard a) GPA shall protect Humana Cardholder Data that GPA knowingly possesses according to requirements of the then current PCI DSS.
Payment Card Industry Data Security Standard. 21.1 To the extent that the Payment Card Industry Data Security Standard (“PCI DSS”) is applicable to the Goods and/or Services to be provided under the Contract, the following provisions shall apply.
Payment Card Industry Data Security Standard. 12.4.1 With respect to any payment card information that Supplier may process, store, collect or transmit Supplier warrants and certifies that Supplier will remain fully compliant with the Payment Card Industry Data Security Standard (“PCI DSS”), as may be modified from time to time. All definitions not defined in this Agreement shall have the same meaning as defined in PCI DSS. Confidential treatment has been requested for portions of this exhibit. The copy filed herewith omits the information subject to the confidentiality request. Omissions are designated as [****]. A complete version of this exhibit has been filed separately with the Securities and Exchange Commission
Payment Card Industry Data Security Standard a. Undertaking by Contractor. Contractors that process, transmit, store or affect the security of credit/debit cardholder data, must adhere to the Payment Card Industry Data Security Standard (PCI DSS). The Contractor is responsible for the security of cardholder data in its possession. The data may only be used to assist the State or for other uses specifically authorized by law.
