3 Ways Restaurants Can Tackle PCI Compliance

July 20 2017

Author: Natalie Jacks

Every restaurant that accepts credit cards has to reach Payment Card Industry Data Security Standard (PCI DSS) compliance.

This compliance – composed of a series of requirements – helps with cardholder data security and protects against malware, lessening the chance of security breaches.

From managing employee access to the logistics of filling out forms, compliance can be a source of confusion for restaurant owners – but it doesn’t have to be. Here are some ways restaurant owners can tackle even the trickiest parts of PCI DSS compliance, and ensure they stay focused on serving up excellent food.

1. Use unique employee IDs: A common pain point for reaching PCI DSS compliance is employees’ access to data – especially when several machines and staff members are running payment cards. Restaurants should make sure their POS system allows employees to use unique identifications to access information. It’s also necessary to encrypt data. Restaurants that use an older POS system may want to contact their processor to ensure all data is encrypted.

2. Work with processors: Most processors offer PCI programs, helping their customers and supporting the merchant through the process. Some processors will charge a PCI DSS compliance assistance fee – if they do, restaurants should take advantage of it. Processors can help business owners complete the annual self-assessment questionnaire (SAQ). Although maintaining PCI DSS compliance is not legally required, many major processors will charge a non-compliance fee, which is easily avoidable if businesses meet compliance standards.

3. Mark your calendars: It’s important to protect customers’ data and monitor compliance year-round, so restaurants should take extra precaution to complete their annual SAQ to guarantee they’re still on track. There are nine different versions of an SAQ, so the type will depend on how your company handles data. It can vary between a simple questionnaire or a longer, more technical one. Allot the appropriate amount of time you will need to complete it.

Tackling PCI DSS compliance doesn’t have to be a daunting or expensive task. Some of the most intimidating areas of compliance can be dealt with by simply having a conversation with a processor. Remembering to meet SAQ deadlines allows restaurants to worry less about payment breaches and more on providing their customers with exceptional service. 

Learn about how to help protect your business and customers against data theft with our PCI compliance solution.