Data Security Committee

Mission Statement: Committee dedicated to achieving meaningful, best in class, data security guidance for our industry, in line with PCI-DSS requirements and industry best practices.
 
Active Projects:
The DSC is writing a white paper “PCI Compliance Responsibilities for Convenience and Fuel Retail Industry,” with the intent to provide an overview of the entities directly or indirectly involved in fuel retail and how to determine appropriate responsibility for PCI-DSS compliance.
The DSC includes a panel of Subject Matter Experts (SMEs). The SMEs are currently working on a white paper “General Cyber Security Guidance for Developers and Systems Integrators,” to provide overarching security guidance.
At the 2017 Annual Conference, the DSC began writing a white paper in conjunction with the Device Integration Committee, “Getting Unsecure Data In & Out of a Secure Environment.” The white paper’s goal is to provide guidance to software developers and system implementers designing applications which have a requirement to transfer non-sensitive data that is created inside a PCI-DSS secure network, to an entity outside of that secure network. The intended use is to provide sufficient reason for receiving devices to remain out of scope for PCI-DSS compliance.
 
Leadership:
The Committee Chair is Kara Gunderson, CITGO Petroleum.
The Vice-Chair is Mark Carl, PDI.