According to PCI DSS Compliance Blog, beginning January 1, 2010, the state of Nevada will mandate PCI DSS compliance for businesses accepting credit cards. In so doing, Nevada will become the first state to transform the PCI DSS requirements into law.
With non-compliant businesses already facing steep financial penalties, as well as risks of not being able to accept credit cards and lawsuits (almost sure to follow any data security breach), non-compliance with PCI DSS would seem sufficiently punitive already. But with states like Nevada making law of PCI DSS, PCI compliance will certainly take on a new level of visibility and, perhaps, controversy.
Nevada’s law will actually serve to shield PCI compliant businesses from additional liability should a data security breach occur and litigation ensue. Nevada’s new law will provide relief for Nevada businesses (at least those that accept or process credit card payments) by protecting compliant companies from potentially bankrupting lawsuits.
Tuesday, July 14, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment