WorkflowOne has achieved compliance with the Payment Card Industry's Data Security Standard. The company, which received a Report of Compliance covering both the Merchant and Service Provider standards, is one of the first in its industry to do so.
"WorkflowOne has made a multi-million dollar investment in hardware, software and system development to protect our customers' credit card data," said Jeff Noffsinger, Vice President of Information Technology. "When our customers' employees, agents, dealers, brokers and consumers purchase print or promotional items through WorkflowOne's e-commerce websites, users can be assured that their credit card information will be handled with the highestlevels of security in the industry."
PCI is an independent body that was created by the major payment cards brands (Visa, MasterCard, American Express, Discover and JCB). The PCI's Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment. PCI applies to all organizations or merchants that accept, transmit or store any cardholder data, regardless of their size or the number of transactions they process.
"We realize that protecting data is essential to earning and maintaining our customers' trust," Noffsinger said. "Our investment in technology, combined with ongoing company-wide training, helps ensure our customers' data is handled with the utmostconfidentiality. As our online transactions continue to grow, we anticipatecontinued investment in technology and training in order to maintain our PCI compliance."
In addition to PCI compliance, WorkflowOne also meets the requirements of SSAE-16 in locations that handle large amounts of customer data, such as Salt Lake City, Utah; Columbus, Ohio; and Dayton, Ohio. SSAE-16 is a standard of the American Institute of Certified Public Accountants which replaced SAS 70 as the authoritative guidance for controls at third-party service organizations. WorkflowOne first achieved SAS 70 Type II certification in 2004.