A credit card data breach is a retailer’s worst nightmare.
In addition to Federal and State data privacy regulations, retailers must concern themselves with Payment Card Industry (PCI) data security certification. PCI DSS compliance requires not only that you protect cardholder information but also that you maintain the integrity of your card data collection system. You must regularly monitor all collection devices to make sure they function properly and have not been tampered with. There are 12 security issues that must be maintained for PCI DSS compliance.
3rd party service providers must be certified PCI DSS compliant as well
You are required to confirm that any 3rd party service provider that comes in contact with cardholder data, which includes data storage media as well as card data collection devices, is certified by the PCI DSS council for that activity.
PCI defines a service provider as: a business entity that is not a payment brand, directly involved in the processing, storage, or transmission of cardholder data. This also includes companies that provide services that control or impact the security of cardholder data.
Back Thru The Future provides secure data destruction services for the shredding of data media that holds cardholder data, as well as product destruction services for card reading devices. Back Thru The Future has met the PCI DSS third party compliance certification requirements of completing the 96-page PCI Third Party Self Assessment Questionnaire (SAQ).
A one-stop, regulatory-compliant solution to your secure data destruction needs
Destroying non-public personal information (NPPI) recorded on your old hard drives, cell phones, PDAs and other data media is both technically complex and time-consuming. Back Thru The Future’s Safe Harbor Express® (or SHE) is a turnkey annual contract for scheduled onsite GLBA-compliant NPPI destruction. It replaces ad-hoc, inconsistent data destruction processes that put your business at risk. This service is a highly affordable, easily implemented and simple-to-manage solution to the GLBA NPPI destruction requirements.