Hotels and restaurants are taking the initiative to reduce costs of credit card compliance, while continuing to protect their guest�s privacy.  One estimate found that PCI compliance costs American businesses in excess of $1 billion each year.   However, the industry is concerned about unfair and burdensome rules when complying with the data security program used by the five major credit card companies.  

�Credit card compliance costs are part of doing business in our industry,� said AH&LA President/CEO Joseph A. McInerney.  �This action by AH&LA and others is an important step towards insuring that the payment means used by a majority of our guests is secure, and that our members� compliance requirements are not burdensome, costly, or unnecessarily complex.�

AH&LA�s June 8, 2009, letter recommended that in order to achieve these efficiency goals the following changes be implemented:

• Incorporate a formal review and comment phase on revisions to the PCI regulations by members before the changes are issued, similar to the process used by the Accredited Standards Committee X9, a data security standards committee of the American National Standards Institute (ANSI).  

• Ensure the amount of time between the issuance of a PCI standards revision and its effective date is appropriate for all merchants to comply.

• Adopt the X9 Committee�s plan to develop a new encryption standard to protect cardholder data.

• Reduce the reporting and maintenance burden on companies by restructuring the 200 detailed requirements of the present PCI standards.

• Require credit card companies and banks to provide merchants with simplified recordkeeping requirements for authorization code retention, instead of continuing to require merchants to store credit card information for dispute resolution.

�Security is a top priority in our hotel�s transactions with our customers,� said Kevin Maher, AH&LA�s senior vice president of governmental affairs.  �AH&LA is working to clarify on how these standards are enforced, created, and communicated.�

The letter was sent by the American Hotel & Lodging Association, National Retail Federation, National Restaurant Association, National Council of Chain Restaurants, Association for Convenience & Petroleum Retailing, Merchant Advisory Group and the International Franchise Association.

Serving the hospitality industry for nearly a century, the American Hotel & Lodging Association (AH&LA) is the sole national association representing all sectors and stakeholders in the lodging industry, including individual hotel property members, hotel companies, student and faculty members, and industry suppliers. Headquartered in Washington, D.C., AH&LA provides members with national advocacy on Capitol Hill, public relations and image management, education, research and information, and other value-added services to provide bottom-line savings and ensure a positive business climate for the lodging industry. Partner state associations provide local representation and additional cost-saving benefits to members.  For more about AH&LA, visit www.ahla.com.

Robert Baylor
[email protected]