As a convenience for students and employees, the District accepts credit cards at selected locations on each campus, as approved by the District Superintendent. In connection with these transactions, the District will comply with all aspects of the Payment Card Industry Data Security Standard (PCI DSS), including:

• appropriately configuring its technology to protect cardholder data

• utilizing suitable passwords and security parameters

• storing collected data in a secure manner

• encrypting all data during transmission on public networks

• regularly updating software, programs, and other security measures

• restricting access to only those who need such access

• properly authenticating, tracking, and monitoring access to the district’s systems and data

• regularly testing, reviewing, and updating data and security procedures to ensure compliance with applicable industry standards

No individual is authorized to interfere with, obstruct, or circumvent the district’s security measures. In addition to any potential criminal penalties, employees and students who violate this policy or PCI DSS requirements are subject to the most severe disciplinary consequences permitted by Oklahoma law and board policy.

Adopted by the Board on November 9, 2015