All employees and non-permanent employees (i.e., temporary, student employees or volunteers) who handle credit card payments or who have access to credit card data must undergo training annually.
The ITS department has developed a training video discussing the importance of protecting credit card information. This training is mandatory and must be viewed annually by all employees who are processing credit card transactions or who have access to credit card data, including student and temporary employees as well as volunteers. Training can be completed together as a group or individually. Individual and group training should be tracked and documented by the department and include the employee’s name, SU ID, and the date the training occurred. This document must be kept by the department for two years and be made available to the PCI Committee for audit purposes. Please note, it is the responsibility of the department manager to identify the individuals that will be processing credit cards in their department and ensure that those individuals receive this training. The link for the training video is below.
If you have any questions regarding the above or PCI DSS, please contact Margie Greeson at magreeso@syr.edu or Chris Croad at ccroad@syr.edu.