Does every company have to comply with PCI DSS security regulations which protect cardholder information?
You bet they do.
Any merchant or payment provider which stores, processes, and/or transmits cardholder data must be PCI DSS compliant. Regardless of how big or small the company is or the number or volume of payment processed. No payment or cardholder information can be retained by merchants unless incredibly strict compliance is achieved and maintained.
But wait, there’s more.
PCI security requirements apply to more than cardholder information in a digital form. Companies also must get rid of printed material that contains payment or cardholder information. Disposal must be done in a responsible way which includes complete shredding of documents.
Entities that handle payment card transactions are categorized into 4 distinct levels. The levels determine the validation processes that must be performed and maintained to ensure compliance.
There are six categories of PCI compliance security standards.
For more information, contact firstname.lastname@example.org