PCI data stands for Payment Card Industry Data Security Standard. It is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. The standard is administered by the Payment Card Industry Security Standards Council, which was formed in 2006 to manage the security of credit cards. The PCI DSS has 12 key requirements, 78 base requirements, and over 400 test procedures. Some of the key requirements include:

• Install and maintain a firewall system to protect cardholder data.
• Avoid vendor-supplied defaults for system passwords and other security parameters.
• Protect stored cardholder data.
• Encrypt transmission of cardholder data across open, public networks.
• Restrict access to cardholder data by business need to know.

PCI compliance is mandatory for any company or organization that accepts, transmits, or stores the private data of cardholders. Non-compliance fines begin at $5,000, but can cost up to $500,000 per PCI data security incident or breach.