Do You Accept Credit Cards?
1. Storing Cardholder Data in Noncompliant Programs.
Many states have laws regarding data breaches and, depending on where you accept cards, you may be subject to many of them. For example, Massachusetts has 201 CMR 17.00, which requires companies keeping any personal data from Massachusetts residents to prepare a PCI-compliant plan to protect that data. If a company then fails to maintain that plan, the business may face state prosecution.
2. Fibbing On The Self-Assessment Questionnaire.
If you have considered tampering with the reports from your company’s Approved Scanning Vendor, think again. Time invested now to fix any holes in your data security system could save you big-time from the penalties your company could suffer if there’s ever a data breach. The same thing applies to simply “fudging the truth” on self-prepared compliance reports. Even if you think it’s a harmless stretch of the truth, don’t do it.
By Jeanne DeWitt
Do you accept Credit Cards? If so, you need to know about these 4 pitfalls that could lead to lawsuits.
If your company is not fully compliant with the Payment Card Industry or PCI Security Standards, you could be at risk of a serious tangle with attorneys. Technically, PCI guidelines are not a hard-and-fast set of laws; however, merchants can still face hefty liabilities for not meeting them. Avoid these mistakes to keep your company out of hot water with attorneys:
SOAR TO SUCCESS / February 2016 issue / Core Business Strategy