CONTRIBUTOR

ARTICLE

United States: FTC Scrutinizes Payment Card Data Security

29 March 2016

by Kathryne M. Morris

Strasburger & Price, L.L.P.

Your LinkedIn Connections
with the authors

To print this article, all you need is to be registered or login on Mondaq.com.

No matter the size of your business, if you accept, transmit or store credit cardholder data, you must comply with the Payment Card Industry (PCI) Data Security Standards (DSS) because card-issuers and banks require it. While full compliance with the PCI DSS is generally thought to reduce the costs to your business and your customers in the event of a data breach, it appears that compliance is now in the crosshairs of the Federal Trade Commission (FTC).

On March 7, 2016, the FTC issued a press release publicizing its orders to nine companies, including PWC and Mandiant, requiring that they provide information regarding their PCI DSS auditing practices. Businesses typically hire the subject companies to conduct auditing services, which are supposed to determine the businesses' compliance with the 12 requirements in the PCI DSS. However, the FTC is specifically requesting information about businesses that have suffered data breaches despite being deemed PCI compliant.

If you are a business owner who relies on credit cards, you will want to double-down on ensuring compliance with the PCI DSS, and watch how the companies respond and what steps the FTC takes next.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

AUTHOR(S)

Kathryne M. Morris

Strasburger & Price, L.L.P.

ARTICLE TAGS

United States Corporate/Commercial Law Compliance Finance and Banking Financial Services Privacy Data Protection Technology Security

POPULAR ARTICLES ON: Privacy from United States

RELATED CONTENT

FREE News Alerts

Sign Up for our free News Alerts - All the latest articles on your chosen topics condensed into a free bi-weekly email.

Article Tags

United States Corporate/Commercial Law Compliance Finance and Banking Financial Services

More Tags

Similar Articles

Powered by mondaq AI

MATCH

58%

PCI DSS 3.2: It's Here, What Does It Mean For You? Mintz

57%

FTC Launches Study Of Assessment Process For Payment Card Industry Data Security Standards Ropes & Gray LLP

56%

PCI DSS And Cyber Risk – Beware What Lurks Below The Surface Clyde & Co

Related Articles

New Jersey Adopts Comprehensive Privacy Legislation McDonald Hopkins

State Comprehensive Privacy Law Update – April 8, 2024 WilmerHale

Compliance Steps For Washington's My Health My Data Act WilmerHale

The Dawn Of AI In Manufacturing: Understanding Its Wide Reaching Impact On Industry Foley & Lardner

Pharmaceutical Companies May Be The First Targets Of The Washington State My Health My Data Act Greenberg Traurig, LLP

Mondaq Webinars

APR24

Mastering Mediation & Arbitration: Strategies for Navigating the Rising Tide of Privacy Class Action Lawsuits

APR25

Canadian Employment Law: Updates and Emerging Trends in Employment

McCarthy Tétrault LLP

Comparative Guides

Anti-Corruption & Bribery

Artificial Intelligence

Aviation Finance

Aviation Regulation

Banking Regulation

Mondaq Advice Centres

United States

Advertising and Marketing

United States

Telemarketing

United States

COVID-19

Global

Trademarks in SAARC Countries

United States

International Trade Law & Customs

Curated Content

Can, And Should, The U.S. Government Develop A CBDC System?
Braumiller Law Group, PLLC

Upcoming Events

MAY10

Peter Barnes Moderates Panel On AI In Tax Administration At NTA Annual Spring Symposium

Caplin & Drysdale

Panel Washington, DC United States

JUN05

Generative-AI And Copyright Law: How To Set-Up A Corporate Framework

Finnegan, Henderson, Farabow, Garrett & Dunner, LLP

Webinar Washington, DC United States

More filters

Mondaq Social Media

© Mondaq® Ltd 1994 - 2024. All Rights Reserved.

Please to Mondaq or for unlimited free access and a complimentary news alert

|

|

|

|