Skip to Content

Credit Cards and Payment Card Industry (PCI) Compliance


The ability to conduct credit card transactions has become a necessity for increased customer service, particularly with the increase in e-commerce. The University recognizes that use of credit cards may stimulate sales in certain types of transactions and may increase the cash collections efficiency. The need to protect our customer's credit cards data is essential.

This website provides University units and departments with essential information regarding the requirements and best practices for payment card related activities.

What is PCI?

PCI stands for Payment Card Industry. PCI Data Security Standards are national standards from the Payment Card Security Standards Council and apply to all organizations anywhere in the country that process, transmit or store credit cardholder data.

The University and all departments that process payment card data have a contractual obligation to adhere to the PCI Data Security Standard (PCI-DSS). We must adhere to these standards to protect our customers and to continue to process payments using payment cards. Each year, departments and units that are conducting payment card activities must submit a Self-Assessment Questionnaire (SAQ) to the U.Va. Payment Card Services unit assuring their compliance with the PCI data security standards.

Questions about the University of Virginia's Credit Cards and Payment Card Industry compliance?
Contact U.Va. Payment Card Services at or view our staff listing.