Our Information Security team is taking these steps to comply with a mandate from the state Treasurer’s Office and with Payment Card Industry (PCI) standards. This move will also reduce our risk of exposure and the possible costs associated with inadvertent release of credit card data. Deleting credit card information also demonstrates that WVU is making measurable progress toward PCI compliance, averting potential impact to our cyber liability insurance coverage.
ITS has taken a similar approach in managing Social Security Numbers in accordance with our Sensitive Data Protection Policy, and this expands our practice of deleting both credit card information and SSNs found in recycle bins and temporary file folders.
You do not need to take any action. This email is merely informative. Please direct any questions to InfoSec@mail.wvu.edu.