PCI Compliance

When a donor calls to update their cc or bank info for a recurring gift, the fundraising office currently writes the information down and takes it to the accounting office to update in RE or RENXT. When appeal cards come in through the mail, they are also taken to the accounting office to enter and then have the cc info blacked out.

I understand that this is not PCI compliant, but I am not sure exactly how to change it to be compliant. How does everyone else handle this? Do you enter the information directly into RE? If so, who does this? Do you use a third-party software to safely transfer this information from the person answering the call to the person who has access to edit the information on the constituent record?

I have read about people using a small portable whiteboard to write down the info instead of paper, but I fail to see how that is any better.

Thank you in advance for your help!

Comments

  • Christine Robertson

    @Michelle Harper Is there a reason that the fundraising team can't type the information into either RE NXT or an online giving form? That would be ideal because then you are never writing it down at all, and as soon as it is saved, the number is encrypted.