PCI – Does it Apply to You?


There is no shortage of information regarding Payment Card Industry (PCI) data security standards – so much, in fact, that it can become pretty confusing. For the purpose of this post, let’s focus on how PCI applies to different organizations.

The 4 PCI Merchant Levels

First and foremost, it’s important to understand that PCI compliance is required of any organization that stores, processes or transmits credit card data. In the hospitality sector, that covers everything from the largest chain hotels right down to the smallest independent B&Bs.

Level 1

  • Over 6 million credit card transactions per year
  • Requirement: annual on-site audit + quarterly network scans

Level 2

  • 150,000 to 6 million credit card transactions per year
  • Requirement: annual self-assessment + quarterly network scans

Level 3

  • 20,000 to 1 million credit card transactions per year
  • Requirement: annual self-assessment + quarterly network scans

Level 4

  • Fewer than 20,000 credit card transactions per year
  • Requirement: annual self-assessment + annual network scan

PCI and Property Management Software

Because so much credit card data flows through your property management system, selecting the right PMS solution provider can go a long way towards your hotel becoming PCI compliant.

A few questions to ask your property management software vendor:

  1. Is your PMS provider PCI Certified?
  2. Does your PMS vendor offer a program to help you become PCI compliant?

Be proactive: find out how your PMS provider can help you attain the highest level of data security possible for your property, and work to reduce the PCI compliance burden for your hotel.

In an upcoming post we’ll look at the risks associated with your property not becoming PCI compliant.

Photo Credit: Purple Slog
