Attention Churches: A Refresher on PCI Compliance and Why You Need It

For any ministry accepting, processing, storing or transmitting the credit card information of members and donors, PCI compliance should be a familiar term. But because digital payments and security practices are ever evolving, here’s a quick refresher. 


What is PCI Compliance?

PCI stands for Payment Card Industry. PCI DSS (Data Security Standard) is a set of requirements created by the PCI Security Standards Council. All organizations accepting and handling credit card payments must comply with these requirements to safeguard financial information from theft and misuse. The PCI compliance standards include measures such as state-of-the-art firewalls, data encryption, restricted data access, proper password protections, and more. 


What if Our Church Isn’t PCI Compliant?  

Noncompliance can have many consequences, including data breaches, damaged reputation, substantial fines and legal action. Individuals can sue for negligence and damages. 


How Can We Achieve PCI Compliance? 

The simplest and safest way for churches to achieve and maintain PCI compliance is to use a payments software provider that handles the task for you. If your church uses online tools to accept and process credit card giving, make sure those tools are PCI compliant now and continue to be PCI compliant as the standards evolve. Never store credit card information or sensitive data on your own computers. 


i3 Nonprofit Solutions Text Giving and Online Giving software is Level 1 PCI compliant. This is the highest level of compliance and payment security standards, earned only by companies with high credit card processing volumes and iron-clad security practices. To learn more about our giving and payments tools for churches, please contact us.  
