Credit Card Data Purge Policy

Subscriber Content
Screenshot of the first page of Credit Card Data Purge Policy

This policy outlines procedures for the credit card data purge process, including a purge schedule.

The payment card industry (PCI) data security standard requires that certain procedures are in place for compliance. In order to limit the risk and impact of a security breach, it is highly recommended that card numbers be truncated or purged as soon as they are no longer needed, even if the card numbers are in hashed or encrypted form. This document covers procedures to purge or truncate the card number from databases, as well as associated electronic files on the server. For electronic documents, hard-copy files, and emails on user hard drives or shared drives, separate procedures will govern the purging process.


Topics
Accounting/Finance
Accounts Receivable
Document Retention
Data Security
Credit & Collections
Internal Controls
Cash & Treasury

Related Resources

Benchmarking Tools

Accounts Receivable, Credit and Collections Leading Practices

Protiviti Booklets

The Global Privacy and Information Security Landscape: Frequently Asked Questions

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It