URL: https://preston.moderngov.co.uk/ieDecisionDetails.aspx?ID=1340

Decision Maker: Cabinet Member for Service Transformation

Outcome:

Is Key Decision?: No

Is Callable In?: Yes

Purpose: The Council is currently using a version of Income Management for the telephone payment system that is no longer compliant with the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a set of security standards designed to ensure that all companies that accept, process, store, or transmit debit/credit card information maintain a secure environment. A change in latest version of the PCI DSS means that it is no longer permissible for a customer to speak their credit card information over the telephone to a Customer Advisor as this is considered insecure. Alternative secure methods must be implemented for the Council to become PCI-DSS compliant and for our income management system software supplier to maintain their Payment Application Data Security Standard (PA DSS) accreditation. Access Paysuite are the providers of the income management system and they are ending their support of the current version of customer assisted telephone payments that the Council is using and the functionality to be able to take card payments over the phone will end in September 2025.

Content: Resolved - The Cabinet Member for Service Transformation and the Cabinet Member for Resources:   (i)             Agreed the scheme to implement Call Secure Plus to enable the Council to become PCI DSS compliant through a contract variation with our existing income management software provider, Access Paysuite,   (ii)            Approved a revenue and capital Funded Budget Increase totalling £78,330 over three years utilising the ICT Strategy Reserve as set out in 4.1.5,   (iii)          Approved an addition to the Capital Programme of £21,720 for the initial licence fees and implementation costs of the Call Secure Plus system as set out in this report.

Date of Decision: October 24, 2025