All new merchant accounts and Service Provider changes, involving credit card data, must be approved by the PCI DSS Compliance Team and Business Services prior to contractual agreement(s) being executed.
Third parties, with whom cardholder data is shared, are contractually required to adhere to the PCI DSS requirements and to acknowledge that they are responsible for the security of the cardholder data which they transmit, process, store or can affect the security thereof.
Service Provider Requirements
Potential Service Providers must meet the requirements noted on the New Service Provider page. The PCI Compliance Team is tasked with the the responsibility of vetting Service Providers that have a payment card component, or that can impact the security of payment card data. The PCI Compliance Team’s goal is to maintain Middlebury’s level of compliance, reducing risk to the institution.
Please complete the PCI DSS New Merchant Account Request Forms and New Service Provider Checklist for all new Merchant Accounts which involve credit card data. Requests should be sent to firstname.lastname@example.org.
We have established a checklist and templates to aid you in the process of setting up a new merchant account.
Please contact the PCI Compliance Team at email@example.com with any questions or concerns.
Upon project approval, Web Helpdesk tickets should be submitted to the appropriate work groups in ITS.
- New Server and Server Storage requests should be submitted to under Network Accounts and Storage request.
- Network Address requests should be submitted under Network Connection Issues. Please note it is a PCI Project.
- Will you need a network jack installed for the payment processing equipment? If so, please enter a facilities work order to have the cable run. Submit a Web Helpdesk ticket type Network Connection Issues, New Network Jack Wiring request to complete the jack installation.
152 Maple Street
Marble Works, Suite 102
Middlebury, VT 05753