If your role includes using credit card information at work, it’s important that you know how to store this personal information safely.
All UNSW employees and contractors are required by NSW privacy law to protect personal information, which generally is information that can identify a person or is likely to identify them. (The formal definition of personal information used at UNSW is that set out in NSW privacy law and which is provided in our business glossaries in the Data Cookbook.)
Different types of personal information, such as a date of birth, signature or home address, carry different types of risks. That risk can increase when one or more types of personal information are combined (such as storing a bank PIN in a wallet with bank access cards).
The risk of incorrectly storing credit card details needs no explanation. UNSW strives to protect this information through data governance that includes complying with the Payment Card Industry Data Security Standards (PCI DSS).
To ensure we comply, no-one should be storing credit card details locally in their Faculty, School or business unit. This information should only be captured in:
- a UNSW System of Record used by your Faculty or Division, or
- the Records & Archives Management System (RAMS).
For more information, please contact one of the following:
Privacy queries email@example.com
Data storage queries firstname.lastname@example.org
Data governance queries email@example.com