The security and stewardship of our campus community and the data we collect and manage is paramount.  Toward that end, the College seeks to maintain, adhere to and foster an environment that reflects best practices. PCI DSS is the Payment Card Industry Data Security Standard. It is a set of comprehensive requirements for credit card account data security, developed by the credit card industry in response to an increase in identity theft and credit card fraud. As a merchant who handles credit card data, BCC is obliged to safeguard that information and adhere to the standards established by the Payment Card Industry Security Standards Council (PCI SSC) including, but not limited to, setting up controls for handling credit card data, computer and internet security and completing an annual self assessment questionnaire.

The BCC PCI-DSS Compliance Steering Committee

The BCC PCI-DSS Compliance Steering Committee is being formally established jointly by the College’s Executive Director of Finance and Business and Chief Information Office (CIO) to recognize its role in assisting the College with implementing and maintaining its compliance program relating to PCI-DSS industry standards, which apply to BCC since it accepts and processes payment card payments. This committee serves in an advisory capacity to the Vice President of Finance & Administration in guiding and monitoring the College’s cardholder data environment (CDE) to ensure compliance with PCI-DSS.

For more details, please consult the BCC PCI-DSS Compliance Steering Committee Charter

PCI DSS Objectives and Requirements

PCI DSS currently has six (6) objectives and twelve (12) requirements.