For any ministry accepting, processing, storing or transmitting the credit card information of members and donors, PCI compliance should be a familiar term. But because digital payments and security practices are ever evolving, here’s a quick refresher.
What is PCI Compliance?
PCI stands for Payment Card Industry. PCI DSS (Data Security Standard) is a set of requirements created by the PCI Security Standards Council. All organizations accepting and handling credit card payments must comply with these requirements to safeguard financial information from theft and misuse. The PCI compliance standards include measures such as state-of-the-art firewalls, data encryption, restricted data access, proper password protections, and more.
What if Our Church Isn’t PCI Compliant?
Noncompliance can have many consequences, including data breaches, damaged reputation, substantial fines and legal action. Individuals can sue for negligence and damages.
How Can We Achieve PCI Compliance?
The simplest and safest way for churches to achieve and maintain PCI compliance is to use a payments software provider that handles the task for you. If your church uses online tools to accept and process credit card giving, make sure those tools are PCI compliant now and continue to be PCI compliant as the standards evolve. Never store credit card information or sensitive data on your own computers.
i3 Nonprofit Solutions Text Giving and Online Giving software is Level 1 PCI compliant. This is the highest level of compliance and payment security standards, earned only by companies with high credit card processing volumes and iron-clad security practices. To learn more about our giving and payments tools for churches, please contact us.