Many club owners in attendance at the Technology Summit yesterday afternoon (sponsored by Checkfree) may have broken out in a cold sweat when speakers Michael Scott Scudder, owner of MSS FitBiz, and John Whitworth, business development manager of Ambiron Trust Wave, told them that they could be forking out $100,000 in fines if they don't become compliant with the new payment card industry (PCI) data security standard. It seems that credit card companies are tired of eating bad charges and they've figured out a way to make club owners (and other credit card-taking businesses) pay for it.
Advice from Scudder and Whitworth? Hire a good consultant to help you through the process, notify your bank if you are not yet PCI compliant (better to let them know now than for them to find out later) and limit the amount that employees handle members' credit card information. Of course, it's actually much more in depth than this, but for those details, check out www.pcisecuritystandards.org.
If a club owner doesn't pay the fine in full (no parceling out the payments like you can do with the IRS), then the club owner can no longer take payments using any credit cards. Gulp! Now that's a bite a bit too large to swallow. -Pam