SECURITY HIGHLIGHT: Stanford University policy states that no payment card data can be stored on University systems.
The Stanford University Administrative Guide contains the general policies governing payment card security:
- Information Security Policy (Administrative Guide 6.3.1)
- Card and Payment Account Acceptance and Processing Policy (Administrative Guide 3.4.2)
Stanford's Data Governance Board classifies payment card data as prohibited information that is not allowed to be stored, and the two preceding policies cover this rule.
Standard PCI DSS Policies
Stanford has an additional set of standard policies specific to the PCI DSS requirements for payment card operations. Select one of the pages below to view the detailed policies.
Categorized Policy List (policies are categorized by 2 groups: Merchant Process and Technical Infrastructure)