InfoSecCompliance.com – Technology, Privacy and Security Law & Risk Management » Blog Archive » PCI Service Provider Contracting

One of the key areas I get involved in is service provider relationships, and in particular section 12.8 of PCI and service provider contracts. There are many aspects of 12.8 (and its subsections) that are potentially ambiguous and open to interpretation, but this particular article is not going to focus on those. This post concerns the “written agreement” referenced in 12.8.2

via InfoSecCompliance.com – Technology, Privacy and Security Law & Risk Management » Blog Archive » PCI Service Provider Contracting.