Why do the merchants within UNC Charlotte have to comply with PCI DSS?

The PCI DSS (Payment Card Industry Data Security Standard) is applicable to all entities, software systems, and equipment that store, process, or transmit cardholder data.  Therefore, any campus department, entity, or individual processing cards fall under its guidance and is subject to its requirements.  In addition, the Office of the State Controller for the state of North Carolina (NC OSC) as well as the UNC Charlotte banking contracts state that we are subject to PCI DSS and required to meet its standards.