Despite the fact that 36% of PCI DSS-compliant merchants reported data breaches in the past 24 months, those who met the data security standard still fared better than non-compliant merchants, according to a new report. The document also said the number of merchants reporting a data breach in the previous 24 months rose 7.6% from 79% in 2009 to 85% this year. The report, “2011 PCI DSS Compliance Trends Study,” was produced by the market research firm Ponemon Institute and commissioned by data security firm Imperva.

Based on a survey of 670 U.S. and multinational information technology professionals, the report found that 64% of PCI-compliant merchants said they did not suffer a data breach involving credit card data over the past two years, compared to 38% of non-compliant businesses.