2

1

Do You Accept

Credit

Cards?

1. Storing Cardholder Data in

NoncompliantPrograms.

Manystates

have laws regarding data breaches

and, depending on where you accept

cards, you may be subject to many of

them. For example, Massachusetts

has 201 CMR 17.00, which requires

companies keeping any personal

data from Massachusetts residents

to prepare a PCI-compliant plan

to protect that data. If a company

then fails to maintain that plan, the

business may face state prosecution.

2. Fibbing On The Self-Assessment

Questionnaire.

If you have considered

tampering with the reports from

your company’s Approved Scanning

Vendor, think again. Time invested

now to fix any holes in your data

security system could save you

big-time from the penalties your

company could suffer if there’s ever a

data breach. The same thing applies

to simply “fudging the truth” on self-

prepared compliance reports. Even if

you think it’s a harmless stretch of the

truth, don’t do it.

ByJeanneDeWitt

Do you accept Credit Cards? If so, you need to know

about these 4 pitfalls that could lead to lawsuits.

If your company is not fully compliant with the Payment

Card Industry or PCI Security Standards, you could be at

risk of a serious tanglewith attorneys. Now technically, PCI

guidelines are not a hard-and-fast set of laws, however,

merchants can still face hefty liabilities for not meeting

them. Avoid these mistakes to keep your company out of

hot water with attorneys:

SOAR TO SUCCESS

/

F

ebruary

2016

issue

/

Core Business Strategy