Campus Merchant Town Hall – PCI DSS compliance

To:      Credit Card Merchants

    University Business Managers

From:  Dennis Press, Assistant Vice Chancellor and University Controller

    Kevin Lanning, Interim Chief Information Security Officer

Date:   May 16, 2014

The CERTIFI Committee is proud to announce exciting progress toward bringing UNC campus merchants to PCI DSS compliance.  As has been discussed over the past several months, integral to that plan of compliance is the secure cardholder data environment, or CDE.  In January 2014, all existing campus merchants were asked to provide an updated eCommerce workflow as well as their systems inventory.  That information was used as we worked to design the architecture of the secure environment and at the same continuing to advance the business processes and procedures by shoring up documentation of our policies, which also play a vital role in the compliance status of the University merchants.

Additionally, UNC has engaged a Qualified Security Assessor (QSA) to guide and advise us through this time of rapid growth.  The QSA will be making a campus visit later this month and we would like to extend an invitation to the entire campus community, current merchant account-holders as well as those who may wish to open a merchant account in the future, to join us for the Campus Merchant Town Hall.  Attendance at this meeting is sure to be useful and rewarding.  Besides, we have snacks.

All current account-holders are strongly encouraged to attend. Please plan to attend the Campus Merchant Town Hall from 1:30 to 3 p.m. on Wednesday, May 28, 2014, at the Genome Sciences Building, Room G100. To register, please visit the UNC-CH Event Registration site.

We are eager to welcome you and look forward to seeing you then. Please share this with IT personnel in your departments. For more information, contact Jennifer Acton, Merchant Card Accountant, at or 919-962-7792.