The Payment Card Industry Security Standards Council (PCI SSC) recently released details about upcoming changes to the PCI Data Security Standard (PCI DSS).  Although the proposed changes have yet to be finalized, the PCI SSC has provided a preview into the changes in order to “eliminate any perceived surprises for organizations in their PCI security planning.”  PCI DSS 3.0 will be published on November 7, 2013 and will go into effect on January 1, 2014.

The changes have been developed to help companies, including those companies in the hospitality industry, make payment card industry compliance a part of their “business-as-usual” activities by providing flexibility as well as providing an increased focus on education, awareness, and security.  Hotels should be preparing to update their PCI compliance programs in response to Version 3.0, which may include new PCI compliance training requirements as part of the new focus on education and awareness.  Consideration should also be given to how hospitality technology, which reflect the evolving payment card and business environment, can be made PCI compliant and ensure payment card security.

The Venza Group has partnered with Arnall Golden Gregory (AGG) to create a series of interactive eLearning modules to address PCI compliance in the hotel industry. Management, employees and IT are taught about the requirements they must support as part of the Payment Card Industry Data Security Standards.  The Venza Group also is partnering with AGG to create an interactive eLearning module to train hoteliers on general privacy and security awareness issues.

Link:  https://www.pcisecuritystandards.org/pdfs/13_08_15_Changes_Highlights_Press_Release.pdf