We covered some common HIPAA Compliance misconceptions last month on our blog (read more here). But what about PCI Compliance? Many businesses forget that regardless of how much business they do with debit or credit cards, they are still required to be PCI compliant. If your business is found to be out of compliance, you can be held responsible for any fraud or consumer breaches.

Here are some common PCI Compliance myths:

  • I’m too small.

    No business is too small or too big to be PCI Compliant. Whether you take one credit card over the phone a year, or accept 500 debit cards a month, any business that uses debit or credit cards MUST be PCI Compliant.

  • I’ll just wait until my bank tells me to be compliant.

    The longer you wait to be compliant, the more at risk your business will be. By the time your bank tells you it’s time to be compliant, it’s already too late. You want to give yourself enough time to properly go through compliance standards. If you rush through it because you’re scrambling to make a bank deadline, you may miss key steps.

  • Outsourcing credit card processing solves all my issues.

    Although outsourcing credit card processing can limit how much you need to do, it does not solve your compliance issues. Any vendor you work with who has access to your consumers’ payment information is your responsibility. You have to make sure that the vendor you choose is also compliant and has the proper standards in place to protect your clients.

  • Compliance is hard and only for IT.

    Compliance applies to any individual who comes into contact with consumers’ payment information: customer service, sales, finance, or any other individual who may have access to see sensitive information. This is why it is important to develop Best Practices within your business to handle this sensitive information. It will help keep you compliant. Although compliance may be difficult to understand, if you take your time and consult the right professionals you can easily bring your business into PCI compliance.

Still have questions? We are here to help. Contact us now to learn more about PCI compliance or to register for our event on November 4th!

(you can also register by emailing alison@datasmithnetworks.com)
