LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Payment Card Industry (PCI) and RM contributions
From:	"Enns, Lois" <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Fri, 17 Apr 2009 08:50:45 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (76 lines)

Hello everyone,

I've been involved in our municipality's PCI certification project for
about a year. This is an IT-run project, with RM contributions. There
are about 250 requirements for PCI but most relate to IT, terminal and
staff security. 

For quick reference, the RM focus is sections 3.1, 4.2, 7.1, 8.1, 9.2,
9.3.2, 9.3.3, 9.4, 9.7, 9.8, 9.9 and 9.10.

Our RM contributions have been around the Merchant Slips, which are
created using about 75 terminals in about 20 locations. For starters,
the card number was masked on Merchant Slips and we validated the
companies involved in the movement of the boxed records (courier,
storage vendor, shredding).

There was a push to move the retention to 18 months but after we
reviewed our internal/external audit policies, there was a group
decision to hold at 7 years (risk management and finance were strongly
in favour).

We are rolling in the PCI/RM activities to our RM Manual (for example,
the business units are required to phone the Records Centre before
shipping boxes) and will underline this in our fall RM workshops. The
appropriate section of the RM Manual will be quoted in the final,
approved, PCI Corporate Policy.

Thought this would be helpful for anyone who's being asked to
collaborate on PCI.

Regards,
Lois


LOIS ENNS | RECORDS MANAGER

CITY OF SURREY
Legislative Services Division
14245 56 Ave, Surrey, BC, Canada V3X 3A2
P 604 591-4554 | 604 591 8731 www.surrey.ca

Please consider the environment before printing this email.
 


-----Original Message-----
From: Records Management Program [mailto:[log in to unmask]] On
Behalf Of Larry Medina
Sent: April-17-09 7:52 AM
To: [log in to unmask]
Subject: RAINdrip: 2008 Privacy Breach Report

Thanks to Verizon for publishing this report... everybody breathe a sigh
of
relief if you weren't one of the 285,000,000 affected!!


http://news.cnet.com/8301-1009_3-10220630-83.html

http://snipurl.com/g37jl  [www_verizonbusiness_com] 

Larry
[log in to unmask]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already
present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of
the message.
mailto:[log in to unmask]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US