Payment Card Data Security Guideline
Description: Establishes the standard for all York University departments, offices and units accepting payment card transactions. Has associated Procedure.
Notes: Approved by the President and Vice-Presidents; July 1, 2012
Approval Authority: President
Signature: "Mamdouh Shoukri"
Accepting payment card transactions is a convenient way to handle the sale of goods and services at York University. By accepting payment cards for transactions, the University has a responsibility to protect cardholder data and to ensure the security of that information.
In accepting payment cards, York University must comply with cardholder data protection and security requirements as established by the Payment Card Industry Data Security Standard ("PCI DSS").
All York University departments, offices and units accepting Payment Card transactions ("merchants") will be required to demonstrate their ongoing compliance with the PCI DSS, as outlined in the associated Procedures.
The Vice-President Finance and Administration shall authorize Procedures as necessary or desirable to give effect to this Guideline.