The PCI Compliance Office (PCIO) serves the entire Vanderbilt community by overseeing compliance management for credit card processing. Located in the Baker Building under the direction of Business Services, this office works daily with Vanderbilt merchants to assist their departments with compliance requirements.


What is PCI Compliance?

PCI Compliance is the set of data security standards required by the payment card industry. In 2006, the major credit card brands formed the PCI Security Standards Council to govern their compliance requirements. Previously, a merchant would be required to follow a different set of standards for each card brand. Under the guidance of the PCI Security Standards Council, the PCI Data Security Standard (PCI DSS) was created. This standard is updated as new technology and data breaches make it evident that new security metrics need to be in place to keep cardholder data secure. A copy of the current PCI DSS can be found here.


Role of PCIO

The PCI DSS is very detailed, and Vanderbilt merchants are not expected to fully understand all of its requirements. The PCIO is fully versed in the PCI DSS and also has under contract the services of a qualified security assessor. Our mission is to provide Vanderbilt merchants assistance with their payment card processing solutions, compliance requirements and data security in a professional and client-centered manner, thereby protecting the university’s financial assets and reputation and facilitating Vanderbilt’s broader mission of worldwide leadership in scholarship, research and patient care.


Useful Links