Payment Card Industry Data Security Standard. For e-commerce business and/or credit card transactions, Supplier agrees to be bound by the requirements and terms of the Rules of all applicable Card Associations, as amended from time to time, and be solely responsible for security and maintaining confidentiality of Card transactions processed by means of electronic commerce up to the point of receipt of such transactions by Bank. Proposer is required to be in compliance with the requisites of the SAS 70 and/or Payment card Industry Data Security Standard.
Payment Card Industry Data Security Standard. For e-commerce business and/or payment card transactions, Vendor will comply with the requirements and terms of the rules of all applicable payment card industry associations or organizations, as amended from time to time (PCI Security Standards), and be solely responsible for security and maintaining confidentiality of payment card transactions processed by means of electronic commerce up to the point of receipt of such transactions by a qualified financial institution. Vendor will, at all times during the term of this Agreement, be in compliance with the then current standard for Payment Card Industry Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS) for software, and PIN Transaction Security (PCI PTS) for hardware. Vendor will provide attestation of compliance to UA annually by delivering to UA current copies of the following: (i) Vendor’s “Attestation of Compliance for Onsite Assessments – Service Providers;” (ii) an attestation that all UA locations are being processed and secured in the same manner as those in Vendor’s “PCI Report on Compliance;” and (iii) a copy of Vendor’s PCI Report on Compliance cover letter. Vendor will notify University immediately if Entity becomes non-compliant, and of the occurrence of any security incidents (including information disclosure incidents, network intrusions, successful virus attacks, unauthorized access or modifications, and threats and vulnerabilities) in accordance with the ISPA. Vendor’s services must include the following:
Payment Card Industry Data Security Standard. Neither Company nor any of their Subsidiaries has received notice from any credit card company or credit card processor that (a) either Company or any Subsidiary is not in compliance with the applicable guidelines and standards established by the Payment Card Industry Data Security Standards (“PCI DSS”) or
Payment Card Industry Data Security Standard. University requires that the Contractor shall at all times maintain compliance with the most current Payment Card Industry Data Security Standards (PCI DSS). The Contractor will be required to provide written confirmation of compliance. Contractor acknowledges responsibility for the security of cardholder data as defined within the PCI DSS. Contractor acknowledges and agrees that cardholder data may only be used for completing the contracted services as described in the full text of this document, or as required by the PCI DSS, or as required by applicable law. Similarly, Contractor should be prepared to demonstrate the compliance of any third party it has sub-contracted as part of the service offering. As evidence of compliance, the Contractor shall provide upon request a current attestation of compliance signed by a PCI QSA (Qualified Security Assessor).
Payment Card Industry Data Security Standard. The Authority utilizes systems and networks that store, process, and/or transmit cardholder data as defined by the Payment Card Industry (PCI) Security Standards Council (Cardholder Data). As such, these systems, networks, and procedures are required to comply with the PCI Data Security Standard (PCI DSS). The Contractor shall comply with the PCI DSS requirements for such systems and acknowledges that the Contractor is responsible for the security of cardholder data handled by the Contractor. The Authority and the Contractor shall meet to identify the specific systems and networks that store, process and/or transmit cardholder data to determine the desired actions and identify responsibilities as applicable to the PCI DSS requirement areas.
Payment Card Industry Data Security Standard. Contractor shall comply with the Payment Card Industry Data Security Standard as outlined in Exhibit D, which is incorporated by this reference and made a part hereof.
Payment Card Industry Data Security Standard. 42.3.1 In addition to the requirements set out clauses 45.1 and 45. 2 of these Special Terms and Conditions, where the Contractor is processing and handling Personal Card Data, the Contractor shall be validated to level 1 of the standard set out by the PCI Security Standards Council as amended from time to time irrespective of the level of transactions processed by the Contractor.
Payment Card Industry Data Security Standard. For e-commerce business and/or payment card transactions, Subrecipient will comply with the requirements and terms of the rules of all applicable payment card industry associations or organizations, as amended from time to time (PCI Security Standards), and be solely responsible for security and maintaining confidentiality of payment card transactions processed by means of electronic commerce up to the point of receipt of such transactions by a qualified financial institution. Subrecipient will, at all times during the term of this Agreement, be in compliance with the then current standard for Payment Card Industry Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS) for software, and PIN Transaction Security (PCI PTS) for hardware. Subrecipient will provide attestation of compliance to ASU annually by delivering to ASU current copies of the following: (i) Subrecipient’s “Attestation of Compliance for Onsite Assessments – Service Providers;” (ii) an attestation that all ASU locations are being processed and secured in the same manner as those in Subrecipient’s “PCI Report on Compliance;” and (iii) a copy of Subrecipient’s PCI Report on Compliance cover letter. Subrecipient will notify ASU immediately if Subrecipient becomes non-compliant, and of the occurrence of any security incidents (including information disclosure incidents, network intrusions, successful virus attacks, unauthorized access or modifications, and threats and vulnerabilities). Subrecipient’s services must include the following:
Payment Card Industry Data Security Standard. 21.1 To the extent that the Payment Card Industry Data Security Standard (“PCI DSS”) is applicable to the Goods and/or Services to be provided under the Contract, the following provisions shall apply.
Payment Card Industry Data Security Standard a) GPA shall protect Humana Cardholder Data that GPA knowingly possesses according to requirements of the then current PCI DSS.
