Data security and PCI DSS

Éloïse Gratton January 21, 2016

My colleague Brad Freedman recently wrote a short piece on the Payment Card Industry Data Security Standard (“PCI DSS”), a contractual standard for the protection of data regarding payment cards issued by the major card brands, including Visa, MasterCard and American Express.

Organizations that accept payment card transactions or store, process or transmit payment card data are usually contractually obligated to comply with PCI DSS. Organizations that handle other kinds of protected or regulated data usually consider PCI DSS to indicate a reasonable standard of care for data protection. Failure to comply with PCI DSS can result in serious adverse consequences, including financial assessments, liabilities and findings of regulatory non-compliance. In his article, he explains how organizations should carefully consider procuring insurance coverage for PCI DSS non-compliance.

To read the article, click here.

Data security PCI

This content has been updated on January 21, 2016 at 8 h 48 min.

Éloïse Gratton

Privacy & Data Protection Law

Data security and PCI DSS

Data governance and privacy risks in Canada: A checklist for boards and c-suite

An Update on New Québec Confidentiality Incidents and Record-Keeping Requirements

The inside scoop on how to become a privacy lawyer: 10 tips from the top

Preparing for the Privacy Reform in Canada

Getting Ready for Québec’s New Privacy Law in 2023 (Part 1): Using what we know so far

Getting Ready for Quebec’s New Privacy Law in 2023 (Part 2): Navigating uncertainty in the Law

Une fugitive recherchée depuis 30 ans, capturée à Berlin grâce à la reconnaissance faciale

CBC Windsor Morning Radio Show

La Cour suprême vient compliquer les cyberenquêtes

Une fugitive capturée à Berlin grâce à la reconnaissance faciale

Aide-mémoire en matière de protection de la vie privée et de sécurité des renseignements personnels

Lucky 7 data privacy and security cheat sheet