During an assessment, you ask to see employee records for employees with access to the HSA. The records include information about the screening process, including background information from the employee application process. The oldest background information that is available is for an employee who left the vendor (terminated their contract) one year previously. You note this as non-compliant. Why?
Correct Answer: B
Explanation: According to the PCI Card Production Logical Security Requirements, the vendor must securely destroy all employee information, including background checks, within two years of the employee's termination of contract. This is to prevent unauthorized access to sensitive employee data and to comply with the PCI DSS requirement 3.1, which states that cardholder data must not be stored longer than necessary. The vendor must also have a documented policy and procedure for the secure destruction of employee information, and must maintain a log of all destruction activities.
References:
PCI Card Production Logical Security Requirements, v2.0, April 2019, page 19, requirement 6.1.1
PCI DSS, v3.2.1, May 2018, page 25, requirement 3.1