Information re PCI DSS compliance for securing credit card data

KSmith made this Rhyddid Gwybodaeth request to Carrickfergus Borough Council

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

Roedd y cais yn llwyddiannus.

Dear Carrickfergus Borough Council,

• Does your organisation store or process any credit card data or other sensitive personal data?
• Are you currently PCI compliant and if so at which level?
• Have you ever failed a PCI assessment test in the last 3 years, if so how many times and why?
• During your last PCI assessment how many areas did your PCI auditor identify as in need of remediation?
• How much budget did you spend in the last 12 months on reaching/maintaining PCI Compliance?
• How much did your organisation spend on refreshments such as tea, coffee and biscuits in the last year?
• Has your organisation suffered any data breaches of personal data in the last 12 months when credit card data was leaked?
• Which of those breaches did you self-detect and how many were you notified of by third parties such as banks, police authorities etc?

Yours faithfully,

KSmith

Dear Carrickfergus Borough Council,

Can you please provide an update on the outstanding FOI request re PCI DSS compliance for securing credit card data? By law a response should have been received by 26 Jan 2015.

Yours faithfully,

KSmith

Lynn Gordon, Carrickfergus Borough Council

Good morning

Your request has been forwarded to our Finance Department for a reply.

I will be in touch again with you this week and would offer my apologies for the delay in responding to you.

Kind regards

L Gordon

Lynn Gordon
Human Resources Manager

Tel: 028 9335 8028
Fax: 028 9336 6676
Email: [email address]
Web: www.carrickfergus.org

Carrickfergus Borough Council
Museum & Civic Centre
11 Antrim Street
Carrickfergus
Co. Antrim
BT38 7DG

dangos adrannau a ddyfynnir

Lynn Gordon, Carrickfergus Borough Council

4 Atodiad

Good evening

 

Please find below a partial response to your foi request in relation to
the figures requested for refreshments etc…

 

I have asked the Director Mr Eagleson to provide the remaining
information, and hope to have this with you soon.

 

My apologies for the delay.

 

Kind regards

 

Lynn Gordon

 

 

Lynn Gordon T: 028 9335 8028 [4]Carrickfergus [5]Carrickfergus
Human Resources F: 028 9336 6676 Borough Council Borough Council
Manager E: Facebook Page Twitter Page
[2][email address]
[1]Carrickfergus W: [3]www.carrickfergus.org
Borough Council
Website Carrickfergus Borough Council
Museum & Civic Centre
11 Antrim Street
Carrickfergus
Co. Antrim
BT38 7DG

 

    Please consider the environment before printing this email
message.
Disclaimer:
This message contains confidential information and is intended only for
[FOI #245484 email],
[email address]. If you are not
[FOI #245484 email],
[email address] you should not disseminate, distribute or
copy this e-mail. Please notify [email address] immediately
by e-mail if you have received this e-mail by mistake and delete this
e-mail from your system. E-mail transmission cannot be guaranteed to be
secure or error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete, or contain viruses. Lynn Gordon
therefore does not accept liability for any errors or omissions in the
contents of this message, which arise as a result of e-mail transmission.
If verification is required please request a hard-copy version.

From: Stewart McClean
Sent: 30 January 2015 14:36
To: Ian Eagleson; Lynn Gordon
Subject: RE: Freedom of Information request - Information re PCI DSS
compliance for securing credit card data

 

Ian / Lynn

Having worked with Myrtle on this, the figure for refreshments etc is
£7,737.

Thanks,

Stew

 

 

Stewart McClean T: 028 9335 8000 [9]Carrickfergus [10]Carrickfergus
Accounts F: 028 9336 6676 Borough Council Borough Council
Assistant E: Facebook Page Twitter Page
[7][email address]
[6]Carrickfergus W: [8]www.carrickfergus.org
Borough Council
Website Carrickfergus Borough Council
Museum & Civic Centre
11 Antrim Street
Carrickfergus
Co. Antrim
BT38 7DG

 

    Please consider the environment before printing this
email message.
Disclaimer:
This message contains confidential information and is intended only for
[11][email address], [12][email address]. If
you are not [13][email address],
[14][email address] you should not disseminate, distribute
or copy this e-mail. Please notify [15][email address]
immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be intercepted,
corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.
Stewart McClean therefore does not accept liability for any errors or
omissions in the contents of this message, which arise as a result of
e-mail transmission. If verification is required please request a
hard-copy version.

From: Lynn Gordon <[16][email address]>
Date: 23 December 2014 15:06:44 GMT
To: Ian Eagleson <[17][email address]>, David McCleery
<[18][email address]>
Cc: Sheila McClelland <[19][email address]>, Glenda
Pearson <[20][email address]>, Rhonda McIlroy
<[21][email address]>
Subject: FW: Freedom of Information request - Information re PCI DSS
compliance for securing credit card data

Ian

Could you give me the information requested please.

20 working days to respond from tomorrow.

Lynn

Lynn Gordon
Human Resources Manager

Tel:    028 9335 8028
Fax:    028 9336 6676
Email:  [22][email address]
Web:    [23]www.carrickfergus.org

Carrickfergus Borough Council
Museum & Civic Centre
11 Antrim Street
Carrickfergus
Co. Antrim
BT38 7DG

dangos adrannau a ddyfynnir

Lynn Gordon, Carrickfergus Borough Council

4 Atodiad

Good afternoon

 

Please see below the final piece of information in relation to your foi
request.  It has been provided by Mr Stewart McClean, Accounts Assistant.

 

Kind regards

 

 

Lynn Gordon

Human Resource Manager

 

From: KSmith [[1]mailto:[FOI #245484 email]]
Sent: 23 December 2014 13:28
To: Lynn Gordon
Subject: Freedom of Information request - Information re PCI DSS
compliance for securing credit card data

Dear Carrickfergus Borough Council,

•       Does your organisation store or process any credit card data or
other sensitive personal data?  NO
•       Are you currently PCI compliant and if so at which level?  YES –
Self Assessment Questionnaire Level C Compliant
•        Have you ever failed a PCI assessment test in the last 3 years,
if so how many times and why?  NO
•       During your last PCI assessment how many areas did your PCI
auditor identify as in need of remediation?  NONE
•        How much budget did you spend in the last 12 months on
reaching/maintaining PCI Compliance?  NONE
•       How much did your organisation spend on refreshments such as
tea, coffee and biscuits in the last year?  PREVIOUSLY ANSWERED
•       Has your organisation suffered any data breaches of personal
data in the last 12 months when credit card data was leaked?  NO
•       Which of those breaches did you self-detect and how many were
you notified of by third parties such as banks, police authorities etc? 
N/A

 

Lynn Gordon T: 028 9335 8028 [5]Carrickfergus [6]Carrickfergus
Human Resources F: 028 9336 6676 Borough Council Borough Council
Manager E: Facebook Page Twitter Page
[3][email address]
[2]Carrickfergus W: [4]www.carrickfergus.org
Borough Council
Website Carrickfergus Borough Council
Museum & Civic Centre
11 Antrim Street
Carrickfergus
Co. Antrim
BT38 7DG

 

    Please consider the environment before printing this email
message.
Disclaimer:
This message contains confidential information and is intended only for
[FOI #245484 email],
[email address]. If you are not
[FOI #245484 email],
[email address] you should not disseminate, distribute or
copy this e-mail. Please notify [email address] immediately
by e-mail if you have received this e-mail by mistake and delete this
e-mail from your system. E-mail transmission cannot be guaranteed to be
secure or error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete, or contain viruses. Lynn Gordon
therefore does not accept liability for any errors or omissions in the
contents of this message, which arise as a result of e-mail transmission.
If verification is required please request a hard-copy version.

References

Visible links
1. mailto:[FOI #245484 email]
2. http://www.carrickfergus.org/
3. Click to send email to Lynn Gordon
mailto:[email address]
4. http://www.carrickfergus.org/
5. http://www.facebook.com/CarrickfergusBC
6. https://twitter.com/#!/CarrickfergusBC