Common use of PCI DSS Requirements Clause in Contracts

PCI DSS Requirements. Contractor represents and warrants that it shall implement and maintain certification of Payment Card Industry (“PCI”) compliance standards regarding data security and that it shall undergo independent third-party quarterly system scans that audit for all known methods hackers use to access private information, in addition to vulnerabilities that would allow malicious software (i.e., viruses and worms) to gain access to or disrupt the network devices. If during the term of the Agreement, Contractor undergoes, or has reason to believe that it will undergo, an adverse change in its certification or compliance status with the PCI DSS standards and/or other material payment card industry standards, it will promptly notify the CSU of such circumstances. Contractor agrees to promptly provide current evidence of PCI-DSS standards at the CSU request. The form and substance of such evidence must be reasonably satisfactory to and must be certified by an authority recognized by the payment card industry for that purpose. Contractor shall maintain and protect in accordance with all applicable laws and PCI regulations the security of all cardholder data when performing the contracted Services on behalf of the CSU. Contractor will provide reasonable care and efforts to detect fraudulent credit card activity in connection with credit card transactions processed for the CSU. Contractor shall indemnify and hold CSU harmless from loss or damages resulting from Contractor’s failure to maintain PCI compliance standard in accordance with this section. Contractor shall not be held responsible for any such loss of data if it is shown that the loss occurred as a result of the sole negligence of the CSU.

PCI DSS Requirements. Contractor represents and warrants that it shall implement and maintain certification of Payment Card Industry (“PCI”) compliance standards regarding data security and that it shall undergo independent third-third party quarterly system scans that audit for all known methods hackers use to access private information, in addition to vulnerabilities that would allow malicious software (i.e., viruses and worms) to gain access to or disrupt the network devices. If during the term of the Agreement, Contractor undergoes, or has reason to believe that it will undergo, an adverse change in its certification or compliance status with the PCI DSS standards and/or other material payment card industry standards, it will promptly notify the CSU of such circumstances. Contractor agrees to promptly provide current evidence of PCI-DSS standards at the CSU request. The form and substance of such evidence must be reasonably satisfactory to and must be certified by an authority recognized by the payment card industry for that purpose. Contractor shall maintain and protect in accordance with all applicable laws and PCI regulations the security of all cardholder data when performing the contracted Services on behalf of the CSU. Contractor will provide reasonable care and efforts to detect fraudulent credit card activity in connection with credit card transactions processed for the CSU. Contractor shall indemnify and hold CSU harmless from loss or damages resulting from Contractor’s failure to maintain PCI compliance standard in accordance with this section. Contractor shall not be held responsible for any such loss of data if it is shown that the loss occurred as a result of the sole negligence of the CSU.

PCI DSS Requirements. Contractor represents and warrants that it shall implement and maintain certification of Payment Card Industry (“PCI”) compliance standards regarding data security and that it shall undergo independent third-third party quarterly system scans that audit for all known methods hackers use to access private information, in addition to vulnerabilities that would allow malicious software (i.e., viruses and worms) to gain access to or disrupt the network devices. If during the term of the Agreement, Contractor undergoes, or has reason to believe that it will undergo, an adverse change in its certification or compliance status with the PCI DSS standards and/or other material payment card industry standards, it will promptly notify the CSU of such circumstances. Contractor agrees to promptly provide current evidence of PCI-DSS standards at the CSU request. The form and substance of such evidence must be reasonably satisfactory to and must be certified by an authority recognized by the payment card industry for that purpose. Contractor shall maintain and protect in accordance with all applicable laws and PCI regulations the security of all cardholder data when performing the contracted Services on behalf of the CSU. Contractor will provide reasonable care and efforts to detect fraudulent credit card activity in connection with credit card transactions processed for the CSU. Contractor shall indemnify and hold CSU harmless from loss or damages resulting from Contractor’s failure to maintain PCI compliance standard in accordance with this section. Contractor shall not be held responsible for any such loss of data if it is shown that the loss occurred as a result of the sole negligence of the CSU.

PCI DSS Requirements. Contractor represents and warrants that it shall implement and maintain certification of Payment Card Industry (“PCI”) compliance standards regarding data security and that it shall undergo independent third-third party quarterly system scans that audit for all known methods hackers use to access private information, in addition to vulnerabilities that would allow malicious software (i.e., viruses and worms) to gain access to or disrupt the network devices. If during the term of the Agreement, Contractor undergoes, or has reason to believe that it will undergo, an adverse change in its certification or compliance status with the PCI DSS standards and/or other material payment card industry standards, it will promptly notify the CSU of such circumstances. Contractor agrees to promptly provide current evidence of PCI-DSS standards at the CSU request. The form and substance of such evidence must be reasonably satisfactory to and must be certified by an authority recognized by the payment card industry for that purpose. Contractor shall maintain and protect in accordance with all applicable laws and PCI regulations the security of all cardholder data when performing the contracted Services on behalf of the CSU. Contractor will provide reasonable care and efforts to detect fraudulent credit card activity in connection with credit card transactions processed for the CSU. Contractor shall indemnify and hold CSU harmless from loss or damages resulting from Contractor’s failure to maintain PCI compliance standard in accordance with this section. Contractor shall not be held responsible for any such loss of data if it is shown that the loss occurred as a result of the sole negligence of the CSU.