Payment Card Industry Compliance (PCI Compliance)
CSUB Information Security Policy
Date in Effect: November 2009
Policy Title: Payment Card Industry Compliance (PCI Compliance)
Campus entities, including auxiliaries, that enter into contracts with third party vendors who process, store, or handle credit or debit card data on behalf of the campus shall ensure the vendor with which they contract is PCI compliant. The vendor shall provide the University Procurement Office with a compliance statement or certification attesting to their compliance.