The city of Portland, Oregon, is no closer to improving its credit card security than it was last year, according to local news outlet KOIN 6.
Last November, an internal audit found that the city was behind current standards in each of the three payment categories in PCI compliance, and hadn't been for five years.
"We found that since 2009, the city has remained out of compliance with the payment card industry data security standard," Auditor LaVonne Griffin-Valade said in a statement at the time. "The city has never complied with all of the standard's requirements, and the city has not fully implemented recommendations or remediation steps to secure payment card processing."
The city's head of technology had promised to overcome staffing and funding difficulties in order to address the concerns, but the director has since retired, leaving the responsibility to a committee that has yet to solve the problem.
According to city officials, they are currently working towards the following goals: transferring credit card processing from the city to an outside company, creating a work group to ensure all bureaus' security needs are met, reviewing rules to comply with PCI standards, adding staff hours to the project and hiring an Information Security Manager.
Municipalities don't often come to mind when thinking of top tier merchants, but things like taxes, water bills, fines, fees and other things that go into running a city or town bring in a lot of money for local communities. According to KOIN, Portland processes over 9 million credit and debit card transaction a year, resulting in tens of millions of dollars paid to the city annually.
A security firm who spoke to KOIN said that, if breached, the damage could be on the level of the Target and Home Depot events, resulting in a severe amount of liability for the city.
If your company is in need of new credit card processing software, be sure to contact 911 Software today.