State Attorneys General Join Forces to Enforce Payment Card Security.
State Attorneys General in California and Connecticut recently announced joint enforcement actions against Citibank for inadequate security measures that permitted hackers to access customers’ credit and debit card information. The state attorneys general also allege that there was an unreasonable delay between when Citibank discovered the security vulnerability and when Citibank began notifying affected customers. Under the terms of the agreement, Citibank will pay California $420,000 and will pay Connecticut $55,000. Citibank will also be required to obtain a third-party audit of its online credit card account system, maintain reasonable security procedures and practices in the future, and provide two years of free credit monitoring to affected individuals.
The hospitality industry should be vigilant in maintaining robust payment card security measures in light of the recent federal and state enforcement actions arising from data breaches. PCI compliance for hoteliers is one necessary step toward credit card security for hotel guests.
The Venza Group has partnered with Arnall Golden Gregory (AGG) to create a series of interactive eLearning modules to address PCI compliance in the hotel industry. Management, employees and IT are taught about the requirements they must support as part of the Payment Card Industry Data Security Standards. The Venza Group also is partnering with AGG to create an interactive eLearning module to train hoteliers on general privacy and security awareness issues.