
How to Complete Your Annual PCI Compliance Attestation in Prahsys Dashboard

This guide walks dental office staff through completing the annual PCI DSS compliance attestation required for Prahsys payment processing, including the self-assessment questionnaire and certificate of compliance.

Updated this week

Quick Steps

  1. In your Prahsys Dashboard, click PCI Compliance in the left sidebar

  2. On the Eligibility page, click CONFIRM

  3. On the Pre-questionnaire page, answer Yes to all 8 questions, then click SUBMIT

  4. On the Questions page, click SUBMIT MY QUESTIONNAIRE in the banner at the top — do not answer any questions on this page

  5. On the first Attestation of Compliance page, click COMPLETE MY QUESTIONNAIRE

  6. On the second Attestation of Compliance page, enter your name in Attested by and your job title in Title, then click COMPLETE MY QUESTIONNAIRE

  7. Download your Certificate of Compliance — it is valid for 12 months


Walkthrough

Step 1: Open PCI Compliance from Your Dashboard

From your Prahsys Dashboard, locate PCI Compliance in the left sidebar under the Merchant section and click it. This will redirect you to the MAXpcicomply.com portal where the questionnaire is hosted.


Step 2: Confirm Your Eligibility

The first page is the Eligibility page. Review the eligibility criteria shown on screen, then click CONFIRM to proceed.

Important Note: The eligibility criteria confirm that you process transactions using a mobile device or terminal and that account data is not stored electronically. If your practice does not meet these criteria, contact Prahsys Support before proceeding.


Step 3: Answer the Pre-Questionnaire

The Pre-questionnaire page contains 8 questions. Answer Yes to each one by clicking the circle in the Yes column. Two questions include optional resource links if your practice needs help creating a Security Policy or Incident Response Plan:

  • Do you have a Security Policy... — If you need a Security Policy template, click the link labeled "For help with your Security Policy, click here".

  • Do you have an Incident Response Plan in place? — If you need a template, click the "click here" link to download one.

Answer Yes to all 8 questions, then click SUBMIT at the bottom of the page.

The 8 questions and correct answers are:

  1. Do you have a Security Policy that addresses policies for keeping cardholder data secure? → Yes

  2. Do you discuss and review the security policy with all personnel at least once a year? → Yes

  3. Do you have an Incident Response Plan in place? → Yes

  4. Does your Incident Response Plan clearly define information security roles and responsibilities for all employees? → Yes

  5. Are all employees trained to maintain an inventory of all devices and report suspected tampering? → Yes

  6. Are policies in place to define the acceptable usage of portable devices? → Yes

  7. Do you have a formal security awareness program that is reviewed with all personnel? → Yes

  8. Does your security awareness training include awareness of phishing and social engineering? → Yes

Quick Tip: Most of these questions should already reflect your existing practice policies. If you answer No to any question, you may need to address that gap before completing compliance.


Step 4: Submit the Questionnaire — Do Not Answer Any Questions

This step is the most common point of confusion. The Questions page will appear to have many unanswered items, but you do not need to scroll down or answer anything here. Prahsys has pre-answered all of the technical questions on your behalf.

Look for the banner near the top of the page that reads: "Your Questionnaire is complete. Click here to submit it."

Click SUBMIT MY QUESTIONNAIRE in that banner to proceed.

Important Note: Do not attempt to answer the questions on this page. Prahsys has pre-filled all applicable responses based on your account configuration. Changing answers here could cause your questionnaire to fail.


Step 5: Complete the First Attestation Page

The next page is titled Attestation of Compliance. This page summarizes the three compliance statements you are attesting to. No changes are needed.

Click SUBMIT to proceed.


Step 6: Enter Your Name and Title

The second Attestation of Compliance page requires two fields:

  • Attested by — Enter the full name of the person completing this attestation (typically the practice owner or office manager)

  • Title — Enter your job title at the practice

The Merchant Name field will already show your practice name — do not change it.

Click COMPLETE MY QUESTIONNAIRE when done.

Important Note: The person attesting must be an authorized representative of your practice. This is a legal attestation of PCI DSS compliance.


Step 7: Download Your Certificate of Compliance

Once you complete the questionnaire, you will be offered a Certificate of Compliance to download. This certificate is valid for 12 months from the date issued and confirms your practice passed PCI SAQ C - V 4.0.1.

Important Note: You will receive email reminders to complete this process again before the 12-month expiration date. Lapsed PCI compliance may result in additional fees from your payment processor.


Understanding PCI Compliance

PCI DSS (Payment Card Industry Data Security Standard) is a set of security requirements that all businesses accepting credit card payments must meet annually. Completing this questionnaire confirms that your practice handles cardholder data safely and is eligible to continue processing card payments through Prahsys.

Your compliance is managed through MAXpcicomply.com, a third-party PCI compliance platform connected to your Prahsys account. Prahsys pre-fills the technical portions of the questionnaire based on your account setup — you are only responsible for confirming the practice-level policies covered in the Pre-questionnaire.


Need Help? Contact Prahsys Support at [email protected] or call 1 (833) 222-6834.
