PCI Compliance Training

All employees and non-permanent employees (i.e., temporary, student employees or volunteers) who handle credit card payments or who have access to credit card data must undergo training annually.

The PCI Committee has developed training via Wombat Information Systems. A short presentation is available to watch, followed by a Q & A session. Training can be completed either as a group or individually. Individual training will be tracked by the PCI Committee. When training is completed in a group setting, the manager of the department must document the training by keeping a log of the employee’s name and the date the training occurred. This document should be kept by the department so that it is available to the PCI Committee for audit purposes.

Please note, it is the responsibility of the department manager to identify the individuals that will be processing credit cards in their department and ensure that those individuals receive this training. All employees have access to the Wombat training module and should follow the guide (link below) that provides instructions on how to access the training video. Employees encountering difficulty accessing the training should send an email to infosectranhelp@listserv.syr.edu for assistance. If you have any questions regarding the above or PCI DSS, please contact Margie Greeson at magreeso@syr.edu or Chris Croad at ccroad@syr.edu.

Access PCI Training Videos

PCI Tips: Protecting Cardholder Data