Finance Department
CardHolder Data Destruction
PCI-DSS Requirement 9.8.1 requires Rollins College to destroy hard-copy materials of cardholder data so that they cannot be reconstructed. Additionally, storage containers used for materials to be destroyed must be secure.
Rollins College does not store cardholder data. Any hard-copy materials of cardholder data must be destroyed once the information is processed.
Rollins College has an agreement with a shredding service. Departments can sign up for this by contacting the Purchasing Office. Costs are dependent on options chosen. Alternatively, departments can instead purchase a PCI-compliant cross-cut shredder. Please contact the PCI office before purchasing if you’re unsure about the model. Some suggested shredders are below.
Small Office Models
Commercial Models