Dear Chesterfield Borough Council,
• Does your organisation store or process any credit card data or other sensitive personal data?
• Are you currently PCI compliant and if so at which level?
• Have you ever failed a PCI assessment test in the last 3 years, if so how many times and why?
• During your last PCI assessment how many areas did your PCI auditor identify as in need of remediation?
• How much budget did you spend in the last 12 months on reaching/maintaining PCI Compliance?
• How much did your organisation spend on refreshments such as tea, coffee and biscuits in the last year?
• Has your organisation suffered any data breaches of personal data in the last 12 months when credit card data was leaked?
• Which of those breaches did you self-detect and how many were you notified of by third parties such as banks, police authorities etc?
Dear Mr/Ms. Smith,
Thank you for your Freedom of Information request, received today in
relation to: 'Information re PCI DSS compliance for securing credit card
The request has been logged under Reference FOI 1505 and will now be
assigned to an officer for a response.
The statutory period for response time for these requests is 20 working
days (with some exceptions).
Please quote the above reference in any further correspondence.
sent on behalf of Gerard Rogers
Senior Solicitor and Deputy Monitoring Officer
Full Request Details
Dear Julie Sparks,
Can you please provide an update on the FOI request re: PCI DSS compliance for securing credit card data? As required by law the information should have been sent by 30 Jan 2015.
Please find details of your FOI Request
Tony Smith CISSP, iisp Affiliate member
Head of Security for Chesterfield, Derbyshire Dales and Congleton, Public
Sector & Contact Centres, Cyber Security and Resilience. Chair - East
Midlands Councils WARP.