Legislative History:

Approved by the President and Vice-Presidents; July 1, 2012

Approval Authority: President

Signature: Mamdouh Shoukri

Description: Establishes the standard for all York University departments, offices and units accepting payment card transactions. Has associated Procedure.

Preamble

Accepting payment card transactions is a convenient way to handle the sale of goods and services at York University. By accepting payment cards for transactions, the University has a responsibility to protect cardholder data and to ensure the security of that information.

Policy

In accepting payment cards, York University must comply with cardholder data protection and security requirements as established by the Payment Card Industry Data Security Standard ("PCI DSS").

Application

All York University departments, offices and units accepting Payment Card transactions ("merchants") will be required to demonstrate their ongoing compliance with the PCI DSS, as outlined in the associated Procedures.

Authority

The Vice-President Finance and Administration shall authorize Procedures as necessary or desirable to give effect to this Guideline.