The Data Information Security Standard was developed to protect Organisations and Customers when managing payments. While this is not a legal requirement all of the major debit and credit card companies have mandated this before with will work with any organisations.
This is relevant for any organisation that is involved in or plans to be involved in payment card processing; including merchants, processors, acquirers, issuers, and service providers.
It is a set of 12 technical and operational requirements covering the full payment cycle. The standard covers 2 key areas;