Omega ATC has been releasing educational and informational emails all year long primarily on these two topics – “data security” and “compliance” emphasizing that compliance does not equate to security. Through experience we have found that merchants find it hard to come to grips with these sometimes illusive but critical terms.
The questions we often hear are,
1. Why should I bother with data security if my POS vendor has already said I am compliant?
2. Why should I go beyond what my oil company has already done for compliance?
You say you are compliant, but are you?
Level 1 and Level 2 merchants in whichever industry they may do business in have to worry about this question. The POS system might indeed be compliant or may not. This is where data security plays the part. Has the merchant verified what the POS vendor says?