Office of Business Operations

Cashiering | Credit Card Best Practices

  • Limit access to cardholder information to only employees who have a business need-to-know.
  • Do not scan, recycle, or duplicate printed cardholder data.
  • Destroy documentation containing credit card information when it is no longer needed.
    • Cardholder data must be securely destroyed using a shredder or a locked disposal box.
  • Process payments immediately upon receipt when possible.
  • Never e-mail credit card information.
  • Do not use wireless networks for the processing of Credit Cards.
  • Protect computer networks with hardware firewall and intrusion detection / protection.
  • The Identity Finder program should be used monthly to scan inboxes, sent folders, and desktops to identify rogue files.
  • Limit Internet usage on computers that process credit cards. Lock computer terminals and paper storage areas when un-attended.