The PCI DSS, Chaining and the Franchise Relationship

October 21, 2014 • Published Categories Industry TopicsTags , , , , , , , ,

Guest post by David Durko, PrivacyAtlas   My colleagues and I are often asked, “Where does the responsibility for compliance fall when a compliant service provider shares consumer data with a non-compliant third party?” This is an interesting question and one that could change how … Read more

“Does my backup services business need to be PCI compliant?”

May 6, 2014 • Published Categories PCI 101Tags , , , ,

Question: I own a small MSP service that offers backup services for customers’ servers. Some of our hospitality customers for which we do nothing but this type of backup believe we need to be PCI compliant. All the data is fully encrypted before it is sent … Read more

“We would like to request a credit card number in advance of an event…”

April 17, 2014 • Published Categories Best PracticesTags , , , , , , , , ,

Question: We are developing our payment policy for a venue rental business and would like to request a credit card number to be submitted 14 days prior to the event to have on file for any damages that might occur during the event. Will I be … Read more