Table of Contents Table of Contents
Previous Page  323 / 354 Next Page
Information
Show Menu
Previous Page 323 / 354 Next Page
Page Background

A

Corporate and social responsibility report

Annex III -

Being an ethical and fair good player in business

323

Worldline

2016 Registration Document

Data protection employees awareness

A.4.1.2.5

pillar, developed a training targeting all Worldline’s employees to

knowledge on the matter. Worldline has therefore, as a fourth

be sufficiently addressed if its employees lacked awareness and

Worldline is convinced that personal data protection would not

employees attended mandatory online training programs

particular domain of expertise. In 2016, 78% of Worldline

trainings to point out the issues employees face in their

create general awareness on the topic as well as more specific

related to personal data protection.

PCI-DSS Standard

A.4.1.2.6

security measures globally.

security and facilitate the broad adoption of consistent data

was developed to encourage and enhance cardholder data

The Payment Card Industry (PCI) Data Security Standard (DSS)

As Worldline processes a huge quantity of cardholder data on

keep its PCI-DSS certification.

audited every year by a Qualified Security Assessor (QSA) to

PCI-DSS standard. As a payment services provider, Worldline is

behalf of many of their customers, it must comply in full with the

be summarized as follows:

The PCI-DSS standard consists of 12 main requirements that can

Build and maintain a secured network;

Protect cardholder data;

Maintain a vulnerability management program;

Implement strong access control measures;

Regularly monitor and test networks;

Maintain an information security policy.

management and updating of many security measures.

a review of the security policy and its application, and the

Concretely, that means regular security training for employees,

e-payment standards such as VISA and 3D Secure.

clearing and settlement services are also compliant with major

its e-commerce solution (SIPS). Now its acquisition, issuing,

Worldline has been PCI-DSS certified for eight years. It began by

long termondata protection

TRUST 2020: Worldline commits on the

A.4.1.2.7

remain at the forefront of data protection compliance. This is

Privacy Impact Assessment has allowed the Atos group to

The deployment and use of practical and effective tools such as

made by anticipation and integrating both the “accountability”

performing 100% of private impact assessments on critical

part of its CSR ambition, Worldline decided to engage on

and implementation of its systems and services. In addition, as

principle and the privacy by design approach in the creation

services by 2020.

I 318 319 320 321 322 323 324 325 326 327 328 329 IV