Cross-regulatory Compliance for PSPs: How to Find the Right Strategy

Payment service providers, especially those that operate internationally, have to comply with a slew of data protection regulations from various geographies. While these regulations may differ in some aspects, most have the same core requirements in common, such as protection of sensitive data and timely notifications in the event of a breach. In order to minimize redundant work and get the most out of compliance efforts and investments, PSPs should map out in what ways applicable regulations overlap and develop an overall cross-regulatory compliance strategy.

This white paper explores the overlapping requirements of PCI DSS and GDPR as an example for developing a cross-regulatory compliance strategy. Many other regulations, such as Brazil’s LGPD or the State of California’s CCPA, have similar core requirements.

