Overview
The Payment Card Industry Security Standards Council recently released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version—which brings major changes to the payments ecosystem—places an increased focus on targeted risk analysis, organizational maturity and governance. It also makes PCI DSS compliance a continuous effort, rather than an annual snapshot exercise, and introduces a customized approach to PCI assessments, enabling businesses to implement alternative technical and administrative controls that meet the customized approach objective.
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of RSM US as they discuss how merchants, service providers, issuers, acquirers, and any other businesses that store, process, or transmit payment cardholder data should begin planning for PCI DSS 4.0.
Discussion topics will include:
- How businesses must prepare for the increased legal risks of PCI DSS 4.0’s obligations.
- The structural changes required to convert to PCI DSS 4.0 and the PCI assessment requirements.
- When businesses should consider involving legal counsel and other consultants to assess their transition to PCI DSS 4.0.