Hi all,I'm developing a new training for staff for PCI Compliance. I referenced the PCI compliance documents found in AASP best practices to develop/refine the policy.For staff members, this is straightforward. However, my understanding is that "anyone who could conceivably hold a full credit card number" must be trained in PCI compliance relevant to their role. We want to have board members participate in a call campaign to donors this year. It seems like board members should take the training, or at least a condensed version of it. Do you have board members take a version of a PCI Compliance training before participating in a call campaign to donors? If so, how do you keep track of that/ verify they have completed it? For staff, I can keep track of whether they've completed the training in our payroll system, but I don't have that option for board members.Any thoughts would be much appreciated!