Payment Card Industry (PCI) Compliance Guidelines

The COVID-19 pandemic has created many challenges and constraints to the established business processes of many merchants on campus including restricted access to campus and, in many instances, offsite work arrangements. The PCI Compliance Team understands that your established business processes many need to be adjusted to continue conducting business.

If you feel that it is necessary for your merchant account to adjust your business processes to accommodate remote payment card processing, please keep in mind that the PCI Data Security Standards are in effect and must be complied with in carrying out adjusted business processes. While the PCI Compliance Team does not have specific protocols and policies in place to accommodate remote work situations, we are requiring the following at a minimum:

  • Documentation of any changes or modifications to established business processes,
  • Business activity must be conducted on UW-Madison issued work computers and equipment,
  • Global Protect VPN is installed, properly functioning, and connected via a secured internet connection, and
  • Anti-virus and malware software are installed and functioning properly.

With these considerations in mind, the PCI Compliance Team will be reviewing requests for remote processing of payment card transactions on a case-by-case basis. Please send requests for alternative payment card processing to Any questions or concerns can also be directed to this email address.