Skip to main content

Policy - Credit Card Handling

Section: Human Resource Policies  
Policy Owner:Ignition633 Ministries Human Resources  
Policy Name: Credit Card Handling Policy  
Origination Date: October 2024 
 
Credit Card Handling Policy 
 
Purpose:
This policy establishes guidelines for the proper handling, storage, and disposal of credit card information to protect sensitive donor data and ensure compliance with Ministry standards. It aims to minimize the risk of data breaches, fraud, and unauthorized access to credit card information. 
 
Scope:
This policy applies to all employees, contractors, and third-party vendors who handle, process, or have access to credit card information in any form, including physical and electronic formats. It covers all aspects of credit card data management within our organization. 
 
Policy:

Electronic Storage:
Credit card information must be stored in encrypted, secure databases with restricted access. Access to electronic credit card data should be limited to authorized personnel only. 
 
Physical Storage:
Any physical copies of credit card information must be stored in a locked safe when not in use. Access to the safe should be restricted to authorized personnel and logged.

Temporary Records:
Credit card information written on sticky notes, paper, or other temporary mediums must be shredded immediately after use. Never leave physical copies of credit card data unattended.

Data Transmission:
Use secure, encrypted methods when transmitting credit card information electronically. Don’t send full credit card numbers via email or unsecured messaging platforms.

Employee Training:
All employees handling credit card information must receive regular training on this policy and best practices for data security.

Incident Reporting:
Any suspected breach or unauthorized access to credit card information must be reported immediately to the management team.

Compliance:
Adhere to all applicable laws and industry standards, including PCI DSS requirements.

Auditing:
Conduct regular audits to ensure compliance with this policy and identify areas for improvement.

Disposal:
Securely dispose of credit card information when no longer needed, using cross-cut shredders for physical documents and secure deletion methods for electronic data. 

Violations:
Violations of this policy may result in disciplinary action, up to and including termination of employment or contract. 
 
------------------------------------------------------------------------------------------------------------------------------ 
This policy will be reviewed annually and is subject to change. Any changes will be communicated to all employees promptly.  

For any questions or further assistance regarding this policy, employees should contact the HR department at hr@ignition633.org. 

 

Back to top