The Payment Card Industry Data Security Standard (PCI/DSS) was introduced to help improve cardholder data security and assist in the uptake of consistent data security measures internationally.
The team have recently introduced new guidance for schools, and will undertake an annual audit to review the processes in Suffolk’s schools. Schools will now be required to complete an annual certificate and submit to SAT.
SAT would advise that where credit/debit card payments are to be accepted/processed directly by schools or where they have been in the past and the associated records are still held, schools review the policy document below with a view to undertake a full review of their processes where required.

PCI DSS Certificate 2024

PCI DSS FAQs – v1.2

PCI DSS Finance Regulations V1.2

Model Schools Policy PCI DSS