PCI Security standards are technical and operational requirements set by the PCI Security Standards Council to protect cardholder data. The new digital age makes merchants the new target for financial fraud. With more than 234 million records with sensitive information having been breached since January 2005, it is imperative to use standard security procedures and technologies to thwart theft of cardholder data. The standards apply to all organisations that store, process or transmit card data.

There are three ongoing steps for adhering to the PCI DSS:

Assess - Identify cardholder data, take an inventory of your IT and business processes for payment card processing, and analyse them for vulnerabilities.
Remediate - Fix any vulnerabilities that may have arisen during the assessment process and don't store cardholder data unless it is specifically required.
Report - Submit compliance reports where required.

PCI DSS follows common-sense steps that mirror best security practices.

Here at BME we recognise that, as a data handler, we have responsibilities towards our customers to ensure that our security procedures protect your clients' financial data. All documentation is kept on secure premises and is scanned onto stand-alone PCs to minimise the security risks. We maintain a secure network, and all electronic documentation is encrypted for transportation and storage. After conversion has been undertaken, all documentation is shredded to DIN Level 4 in accordance with DIN 32757. All computers are installed with firewalls and anti-virus software, which is kept up to date to ensure protection from malicious software threats. We also minimise usage of the internet by our staff. All of these steps and others allow us to remain PCI compliant and therefore better equipped to help our customers maintain PCI compliance.