PCI Data Security Standards

The Payment Card Industry (PCI) Data Security Standards (DSS) is a set of 200-plus security controls to protect credit card data.  The PCI-DSS have been adopted by the major credit card brands and are required by any organization that stores, processes, or transmits cardholder data.

USC PCI Education

USC faculty, staff and students who handle cardholder data must take USC’s online PCI education.  Please contact the USC Treasury Services office at pcidocs@usc.edu for more information or to enroll in the education program.

USC PCI Policy

See USC’s PCI policy for information regarding Payment Card Industry Data Security Standards.

Security Addendum

Procurement Services (formerly Purchasing Services) is responsible for negotiating and executing the Security Addendum with third-party vendors that will have access to or otherwise generate, store and/or transmit credit card data in connection with services provided to the university.  Please contact Procurement Services at (213) 740-2281 or via email at purchasing@usc.edu to initiate the process.

PCI Standards

Institutions must comply with PCI DSS version 3.0  by no later than January 1, 2015.

PCI Working Group

USC established a working group to implement the PCI standards across campuses.  If you are not a member of this working group and would like to participate, please contact USC Treasury Services at pcidocs@usc.edu.

PCI Contacts

USC Treasury Services is responsible for implementation and oversight of the PCI Policy and general compliance with the PCI Standard.  Please contact them at (213) 821-6560 or via email at pcidocs@usc.edu for further information.