Data Protection

  • Payment Card Industry Data Security Standards (PCI-DSS) - PCI-DSS is a single approach to safeguarding sensitive data for all types of payment card transactions. The standards are a result of collaboration between the founding members of the PCI Security Standards Council (American Express, Discover, JCB, MasterCard, and Visa) and are designed to create common industry security requirements. For more information, please refer to
  • Part of PCI-DSS compliance, is the annual completion of the PCI-DSS Self-Assessment Questionnaires (SAQs), which are validation tools intended to assist merchants (TTUHSC departments accepting credit cards as a form of payment for goods/services) and service providers in self-evaluating their compliance with the PCI-DSS. There are multiple versions of the PCI-DSS SAQs to meet various scenarios.
  • Each year the TTUHSC Information Technology security team emails departmental contacts for each Merchant ID to complete the PCI Self-Assessment Questionnaires (SAQs) that are required for TTUHSC to maintain compliance with PCI-DSS regulations. All departments processing credit card payments via terminals or e-Commerce must fill out an SAQ for each Merchant ID within the department.