CENTRAL WASHINGTON UNIVERSITY
30-50-300 PAYMENT CARD SECURITY PROCEDURES
As of June 30, 2005, VISA and Master Card Payment Card Industry Security Standards require
all entities which handle or store credit cardholder data to comply with the Cardholder
Information Security Program (CISP). The CISP standards are designed to protect cardholder
data wherever and in whatever form it resides. Any merchant or service provider whose
cardholder data is compromised, and who is not CISP compliant, may be held financially
responsible for all costs up to $500,000 per occurrence.
Central Washington University has compiled these credit card security procedures, and the
related Payment Card Security Standards (Policy 7-18.104.22.168), to be in compliance with the
payment card industry security standards. All Central Washington University operations, units,
and departments that accept payments by credit/debit card, must follow the procedures contained
within Central Washington University’s Payment Card Security Procedures.
Central Washington University accepts the use of credit and debit cards by campus units to assist
in the expansion of their customer base for products and services. The acceptance of credit cards
simplifies the payment process and offers fraud protection. Visa and MasterCard are accepted.
American Express, Discover and Diner's Club cards are not accepted at this time.
Departments are responsible to impose and follow procedures that help employees comply with
the Payment Card Security Policies and Procedures. Each department is responsible to maintain
internal controls that prevent payment card breaches and protect sensitive cardholder
information. In accepting payment cards, departments acknowledge they are responsible to hire
qualified employees, train employees on proper policies and procedures, and ensure that their
employees adhere to these policies and procedures. ANY receipts, reports, etc., shall show only
the last four