Third Party-Vendor Guidelines

Third Party-Vendor Guidelines

As stated in the University of Notre Dame Payment Card Policy, all Notre Dame merchant activity will be conducted through approved university merchant accounts.  However, the University does recognize the need for third party vendors to collect, process, and/or store payment card data on university property.  Guidelines for these third party card processing activities are as follows: 
 

  1. Third party vendors who conduct any card processing activity on campus, whether it be electronically or paper-based, are to comply with the Payment Card Industry Data Security Standard (PCI DSS).
  2. Vendors may not connect any device to the Notre Dame CCSP Segmented Payment Network for any reason.
  3. Vendors may connect their electronic card processing devices to the open Notre Dame network, but do so at their own risk.  The University will act as an Internet Service Provider (ISP), only offering a direct communication link to the internet.
  4. Any exception to these guidelines must be reviewed and approved by the Notre Dame Credit Card Support Program and Information Governance Committee.

Applicability

This standard applies to all University of Notre Dame employees or students.