State Agencies that accept credit, debit, ACH, or other electronic payments must complete an annual payment security review. These security requirements are known as Payment Card Industry Data Security Standards (PCI-DSS). Agencies will be responsible for ongoing training, policy development and practice, and completion of a Self-Assessment Questionnaire (SAQ) each year.
There are 9 different SAQs. Your merchant type, and the methods in which you handle, transmit, and store data will determine which is the right SAQ for your Agency. OST will work with you to determine the appropriate SAQ type and will then make it available to you through Campus Guard’s online portal.
To get started, Agencies will need to do the following:
Treasury staff will assist Delaware Agencies in this endeavor, in partnership with the Department of Technology and Information (DTI) and our contracted data security vendor, Campus Guard. By working together, we can proactively protect and secure our payment systems.