How long are you required to keep phone recordings for PCI Compliance

Tags:
Call Center
Compliance
PCI compliance
Call Center taking calls with credit card information given. How long are we to keep these recordings for PCI Compliance?

Answer Wiki


Check out the Wiki link. It can vary by state; here's part of it:

Mandated compliance

Compliance with PCI DSS is not required by federal law in the United States. However, the laws of some U.S. states either refer to PCI DSS directly, or make equivalent provisions.

In 2007, Minnesota enacted a law prohibiting the retention of payment card data.[11]

In 2009, Nevada incorporated the standard into state law, requiring compliance of merchants doing business in that state with the current PCI DSS, and shields compliant entities from liability.[12]

In 2010, Washington also incorporated the standard into state law. Unlike Nevada’s law, entities are not required to be compliant to PCI DSS, but compliant entities are shielded from liability in the event of a data breach.[13]
