Cyber Security Policy Manual

C ARD P AYMENT H ANDLING P OLICY

P URPOSE The purpose of this policy is to define the principles by which the City of Greensboro ensures that card payment information is handled and disposed of in a manner that adheres to City’s cyber security policies, protects residents’ information and complies with data security standards required by Payment Card Industry (PCI). Protecting systems and information and ensuring compliance with laws and regulations is fundamental to the successful operation of the City of Greensboro.

S COPE The Card Payment Handling Policy applies to the following:

 All City of Greensboro employees, temporary staff, contractors, consultants, vendors, trainers and the like handling card payment processes  All payment terminals leased, owned and operated by the City of Greensboro  All card payment data stored, processed and transmitted by City of Greensboro systems and applications

R OLES AND RESPONSIBILITIES Function

Responsibility

Cyber Security Team

1. Define the rules and principles outlined in this policy 2. Report non-compliance issues to employee manager and/or HR Adhere to the rules and principles defined in this policy to protect the confidentiality and integrity of card payment information

Employees, temporary staff, consultants, contractors, trainers and the like

Cyber Security Policy Manual

48