If you’re an IT professional in the financial industry, you will already be aware of PCI compliance standards for data. If you’re not in the IT field, you may be curious about the term.
PCI compliance means compliance with the Payment Card Industry Data Security Standard (PCI DSS). It is a universal set of security standards created by the major credit card companies to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment for these records.
The Data Security Standard (DSS) is the standard that merchants who collect credit card payments need to meet in order to protect that data. These standards were first set up in December 2004 and have been continually updated ever since. The latest version, version 3.2, has 12 requirements and 251 sub-requirements for compliance. Version 3.2 officially replaced version 3.1 on February 1, 2018.
Businesses of all sizes are expected to be PCI compliant and all merchants fall into one of four levels based on credit or debit card transaction volume over a 12-month period. Level 1 is the most strict and Level 4 is the least strict.
Why Is PCI Compliance Important?
Since January 2017, at least 14 retailers have been hacked and had data stolen. Most of the security breaches were caused by flaws in payment systems, either online or in store. While the data breach itself does not harm a consumer, what does cause harm is the use of the stolen information. This can range from damage to your credit score to fraudulent use of personal information such as names, addresses, passwords, birth dates and government identification numbers.
PCI compliance was instituted to address insecure data practices and security breaches, so what does it have to do with recycling? PCI compliance in recycling, much like Information Technology Asset Disposition (ITAD), involves getting your company’s electronics to the recycler securely and making sure that all data is destroyed using a verified process and a certified recycler. As discussed, if the financial information of customers or vendors is not handled appropriately and gets into the wrong hands, there is a high risk of information fraud.
Where Can I Find a PCI-Compliant Recycler?
“Increasing numbers of customers are asking if we’re PCI compliant,” says Clayton Miller, Vice President, Business Development, Quantum Lifecycle Partners. “The answer is yes. Quantum is PCI compliant. And we absolutely understand the concerns of customers about whether their data will be securely destroyed and disposed of.”
Miller adds that companies that handle financial transactions need to ensure not only that their data is destroyed securely and appropriately but that their vendors are all PCI compliant. When looking for a vendor, he suggests checking for PCI compliance, multiple industry certifications such as R2, R2O and NAID-Canada, and a reputation for high ethical standards.
Contact Quantum today to find out more about how we handle your electronics data securely. Peace of mind is a great thing!