Patrick should send out official meeting minutes however, entered into a clarifying discussion as requested by Patrick; explaining why the Kiosks are part of the NCDOT PCI Cardholder Data Environment. Basically, reiterating what you and I stated prior as well as our PCI Assessor, which is that because we control the systems and are directing the public to utilize same for payment card processing, such makes them PCI devices (processing, storing, or transmitting).
Moreover, Patrick requested clarification on what exactly is required for PCI Compliance and I gave him and the team an overview of the primary requirements such as Malware Protection, Auditing Logging, File Integrity Management, etc.). Fortunately, I did not