Information re PCI DSS compliance for securing credit card data

Fayrouz Essack made this Freedom of Information request to Rugby Borough Council

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

The request was successful.

Dear Rugby Borough Council,

• Does your organisation store or process any credit card data or other sensitive personal data?
• Are you currently PCI compliant and if so at which level?
• Have you ever failed a PCI assessment test in the last 3 years, if so how many times and why?
• During your last PCI assessment how many areas did your PCI auditor identify as in need of remediation?
• How much budget did you spend in the last 12 months on reaching/maintaining PCI Compliance?
• How much did your organisation spend on refreshments such as tea, coffee and biscuits in the last year?
• Has your organisation suffered any data breaches of personal data in the last 12 months when credit card data was leaked?
• Which of those breaches did you self-detect and how many were you notified of by third parties such as banks, police authorities etc?

Yours faithfully,

Fayrouz Essack

Contact Centre, Rugby Borough Council

Thank you for contacting Rugby Borough Council. Your enquiry has been received by the Customer Service Centre.
If your enquiry is straightforward and can be dealt with by a Customer Service Advisor, we aim to provide a full response within 2 working days. However, if your enquiry is complex or detailed and further internal enquiries need to be made, your enquiry will be forwarded to the relevant service who will respond to you directly within 5 working days.

THIS E-MAIL AND ANY ATTACHED FILES ARE CONFIDENTIAL AND MAY BE LEGALLY PRIVILEGED.

If you have received this transmission in error or are not the addressee, any disclosure, reproduction, copying, distribution or other dissemination or use of this communication is strictly prohibited. The information contained in this e-mail may be the subject of public disclosure under the Data Protection Act 1998, Freedom of Information Act 2000 or the Environmental Information Regulations 2004- unless legally exempt from disclosure, the confidentiality of this e-mail and your reply cannot be guaranteed. Visit http://www.rugby.gov.uk for more information.

Thank you for your co-operation.

Rugby Borough Council

Sue Birch, Rugby Borough Council

This email was classified as NOT PROTECTIVELY MARKED on 14 January 2015
15:08:21 by Sue Birch

Dear Mr Essack

 

SERVICE REQUEST REF 147765

REQUEST FOR INFORMATION UNDER THE FREEDOM OF INFORMATION ACT 2000

 

Thank you for your request for information under the Freedom of
Information Act.

 

I confirm that you will receive a formal response within 20 working days
from the date of the request.  If you have any enquiries regarding this
matter, please do not hesitate to contact me.

 

 

Sue Birch

Communications, Consultation & Information Officer

(01788) 533864

 

THIS E-MAIL AND ANY ATTACHED FILES ARE CONFIDENTIAL AND MAY BE LEGALLY
PRIVILEGED.

If you have received this transmission in error or are not the addressee,
any disclosure, reproduction, copying, distribution or other dissemination
or use of this communication is strictly prohibited. The information
contained in this e-mail may be the subject of public disclosure under the
Data Protection Act 1998, Freedom of Information Act 2000 or the
Environmental Information Regulations 2004- unless legally exempt from
disclosure, the confidentiality of this e-mail and your reply cannot be
guaranteed. Visit http://www.rugby.gov.uk for more information.

Thank you for your co-operation.

Rugby Borough Council

Sue Birch, Rugby Borough Council

1 Attachment

This email was classified as NOT PROTECTIVELY MARKED on 02 February 2015
14:58:25 by Sue Birch

 

 

Sue Birch

Communications, Consultation & Information Officer

(01788) 533864

 

THIS E-MAIL AND ANY ATTACHED FILES ARE CONFIDENTIAL AND MAY BE LEGALLY
PRIVILEGED.

If you have received this transmission in error or are not the addressee,
any disclosure, reproduction, copying, distribution or other dissemination
or use of this communication is strictly prohibited. The information
contained in this e-mail may be the subject of public disclosure under the
Data Protection Act 1998, Freedom of Information Act 2000 or the
Environmental Information Regulations 2004- unless legally exempt from
disclosure, the confidentiality of this e-mail and your reply cannot be
guaranteed. Visit http://www.rugby.gov.uk for more information.

Thank you for your co-operation.

Rugby Borough Council