Departments must document their processes by means of procedures placed in immediate proximity of the workstation/credit card terminal. These directives must be available for periodic review and include processing and collection, storage and destruction of payment information, as well as quarterly processes and annual processes.
Credit card merchants at the University of Florida are required to follow strict procedures to protect customers’ payment card data and attest compliance with the Payment Card Industry Data Security Standard (PCI DSS). Failure to protect such information may result in financial loss for customers and the University, suspension of credit card processing privileges, fines imposed on credit card merchants and damage to the institution’s reputation.
All University departments whose personnel store, process, or transmit cardholder information. This also applies to units that outsource the processing of payment card information to third party vendors.