Credit Card Transactions

The electronic and physical systems owned or licensed by Tufts University used to store and access institutional data are institutional systems. All acceptance of credit or debit card transactions, requires the prior approval of Treasury Operations.

Why?

Using the Tufts network to accept credit card transactions is prohibited because of the liability it produces for the University. Credit card numbers are also subject to regulation by the Massachusetts Data Privacy Laws.

Getting Started

  1. Review your business practices with the Treasury Operations department to verify that your process is compliant with the PCI and Tufts policy.
  2. Review the policy for accepting credit card and ecommerce payments and complete the application to become a merchant accepting credit card or online payments.
  3. Comply with the Tips and Guidelines for Sensitive Personal Information. The Sensitive Personal Information Guide is also available as a quick summary.

Documentation

Policy for accepting credit card and ecommerce payments
Application to Become a Merchant Accepting Credit Card and/ or Online Payments
PCI Security Standards
Massachusetts Data Privacy Laws
University Records Policy
Confidential Records Destruction
Information Classification and Handling Policy