Request re: PCI DSS Council

KSmith made this Freedom of Information request to Blaenau Gwent County Borough Council

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

The request was successful.

Dear Blaenau Gwent Council,

• Does your organisation store or process any credit card data or other sensitive personal data?
• Are you currently PCI compliant and if so at which level?

Yours faithfully,

KSmith

Dear Blaenau Gwent County Borough Council,

Can you please provide an update on the status of the FOI request relating to PCI DSS Compliance as I have yet to receive a response within the legally required timeframe.

Yours faithfully,

KSmith

Blaenau Gwent County Borough Council

I will be out of the Office until Monday 21st December.

For any urgent queries please contact the Legal section.

Kind Regards

Information & Governance Officer<BR>
This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the system manager.
<BR>
This e-mail also confirms that this e-mail message has been swept for the presence of computer viruses.
<BR>
Mae'r neges ebost hon, ynghyd ag unrhyw ffeiliau sydd ynghlwm wrthi, yn gyfrinachol ac at ddefnydd yr unigolyn neu sefydliad y cyfeiriwyd hi ato. Pe dderbynioch y neges hon mewn camgymeriad, byddwch mor garedig a rhoi gwybod i'r rheolwr system.
Mae'r nodyn hwn hefyd yn cadarnhau bod y neges ebost hon wedi cael ei archwilio am bresenoldeb feirws cyfrifiadurol.

Blaenau Gwent County Borough Council

Dear Sir/Madam,

I acknowledge receipt of your Freedom of Information request and apologise that this was not previously received.
We have been experiencing technical problems with the contact centre email address.

I will liaise with the relevant Officers in order to provide a response to your request.

Yours sincerely,

Information & Governance Officer
Legal & Estates Division
Blaenau Gwent County Borough Council

show quoted sections

Blaenau Gwent County Borough Council

Dear Sir/Madam

In response to your Freedom of Information request, please find the information below.

• Does your organisation store or process any credit card data or other sensitive personal data?
We only store the 1st 6 and last 4 digits which is on a server separate to where the payments are made.
There would not be sensitive personal data stored as a result of a card payment.

• Are you currently PCI compliant and if so at which level?
We are not currently PCI compliant but are working towards this.

All of our card payments are authorised by going out to our software company's server and then on to a company which specialises in dealing with these authorisations with the banks. Both of these companies are PCI compliant.

Yours faithfully,

Information & Governance Officer
Legal & Estates Division
Blaenau Gwent County Borough Council

show quoted sections