Skip to main content

texas-considers-requiring-pci-compliance

In an interesting twist in the continuing PCI story, the Texas legislature may mandate PCI compliance:

According to the language of the bill, "A business that, in the regular course of business, collects, maintains, or stores sensitive personal information in connection with an access device must comply with payment card industry data security standards." The bill would allow a financial institution in the state to request a breached entity to provide certification of its compliance with PCI specified controls. HB 3222 would require the certification to be issued by a PCI-approved auditor no earlier than 90-days before the breach.
It sounds like retailers would have to be audited every 90 days! Is this bill the work of the financial institutions or the auditors?

Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom