Having and enforcing an “Imprinted Sales Slip or Printed Receipt Security Policy” governing the storage of imprinted cardholder data and limiting access to that data is an important control. It is also important that the policy contain a provision for the regular purging and secure disposal of this data after its period of usefulness for processing a sale or responding to a chargeback inquiry has passed. This document is meant to be used as a template for you to customize to your own specific requirements.
1. (Company name) is committed to the prevention of credit card fraud and the protection of Customer credit card information gathered in the transaction of our business.
2. At the end of each (appropriate period/shift/day/batch etc.), any sales slip, printed receipt or other document that has been imprinted with cardholder information, number, name and expiry date, will be forwarded to (name/position) for storage.
3. Imprinted documents will be filed in (safe/locked desk, cabinet, closet etc.)
4. Imprinted documents may only be accessed by (name(s)/positions) in their normal function of processing credit card transactions or responding to chargeback inquiries. 5. Imprinted documents in storage will be reviewed at the beginning of each month by (name(s)/positions) and all documents greater than (xxx) days will be shredded or otherwise securely destroyed.