Any company with a Merchant ID (MID) that processes, stores or transmits credit card information must adhere to and comply with the PCI Data Security Standard (PCI DSS), created and updated annually by the PCI Security Council. Introduced on September 7, 2006, the Payment Card Industry Security Standards Council (PCI SSC) provides an actionable framework for developing a robust payment card data security process – including prevention, detection, and appropriate reaction to security incidents. The PCI DSS is administered and managed by the PCI SSC, which is independent of the major payment card brands (Visa, MasterCard, American Express, Discover and JCB). Card brands and acquirers are responsible for enforcing compliance, not the PCI Council.