Skip to Main Content

News

Events

News

Events

News

Events

News

Events

  • Oct 31: Homecoming Alumni Golf Tournament
  • Oct 31: Special Collections Halloween Open House
  • Nov 1: Homecoming Dukes' 5K Run/Walk
  • More >

News

Events

News

Events

  • Oct 31: Homecoming Alumni Golf Tournament
  • Nov 1: Homecoming Dukes' 5K Run/Walk
  • Nov 1: The Breeze "Farewell Seeger" Open House
  • More >

University Departments

You are in the main content


Payment Card Data Security

As a merchant that processes and transmits payment card data as a form of payment all over campus, James Madison University takes data security very seriously. Any department that accepts Visa, MasterCard, Discover, and/or American Express will actively work with the University Business Office to ensure compliance at all times to Payment Card Industry Data Security Standards (PCI DSS). The security of our customer's cardholder data is of the utmost importance to James Madison University.



Data Retention

"All university information that is stored, processed or distributed is subject to this policy and the more specific provisions of the Data Stewardship Standard." Payment Card data is considered "Highly Confidential," as defined in the policy. JMU merchants may never store a PAN (Primary Account Number), expiration date, card security code, any information embeded within the Track, or any other data as prohibited by the PCI Data Security Standards.


Departmental Policies and Procedures for Payment Card Acceptance

All departments that accept payment cards, whether online or in person, are required to have detailed, written policies and procedures in place. If it is not written down, then your business practices are up for interpretation. Employees must be made aware of all Univeristy Business Office and departmental policies and procedures. Departments are required to utilize this template as a guide to writing departmental policies and procedures. This will give all JMU departments consistency in written payment card documentation. The University Business Office may periodically request copies of a departments policies and procedures.


Employee Payment Card Training

As a PCI requirement, all JMU employees (faculty, staff, and student employees) that process, transmit, handle, or have access to payment card data must take annual training.


A PowerPoint presentation is given by the University Business Office to all new hire JMU employees (faculty, staff, and student employees) that process, transmit, or handle payment card data. It is the department's responsibility to notify the University Business Office of new employees in order to schedule a training time. The presentation is posted here to serve as a refresher for employees throughout the year. Please go to our PCI home page to request this training. 


New Merchant Setup Request

Forms and instructions can be found here


Payment Card Industry Security Standards Council

The PCI Security Standards Council website contains a wealth of information on payment card data security and retention.


Records Management and Records Destruction


Third Party Vendors

The University Business Office will quarterly request certified PCI compliance documentation from all JMU contracted Third Party Vendors, as required by the Payment Card Industry Council.