PCI Compliance 2010
Bruce Rutherford, chairman of the PCI Security Standards Council, recently wrote an article for Bank Technology News. In the article, Rutherford outlines what’s ahead for PCI Compliance this year. Here are the major deadlines for you to be aware of in 2010:
November 2009 - April 2010: PCI DSS and PA-DSS feedback review process.
March: Council shares summary of feedback with market.
Late April: New PIN transaction security (PTS) standard released (formerly PIN Entry Device (PED) Standard).
Spring: Council shares framework on emerging technologies, and the first piece of guidance.
Early summer: Summary of proposed changes to the DSS provided to participating organizations and market.
May-September: New version/revision and final review.
September 21-23: 2010 US community meeting in Orlando.
October 18-20: 2010 European community meeting in Barcelona.
October 2010: Next iteration of both PCI DSS and PA-DSS released to public.
This year’s events follow the defined 24-month lifecycle of the PCI standards. The lifecycle ensures a gradual, phased use of new versions of the standard without invalidating current implementations of the standards or putting any organization out of compliance the moment changes are published.