TouchNet is a Global Payments company

TouchNet is part of Global Payments Inc. (NYSE: GPN), a leading payments technology company delivering innovative software and services to customers globally. TouchNet and its customers enjoy the privacy, security, and compliance benefits of being part of a global, Fortune 500® company with 27,000 team members. TouchNet leverages the technology, expertise, and scale of Global Payments to ensure our product development and support continue to lead the higher education industry.

TouchNet is Committed to Privacy, Security, and Compliance

TouchNet is a longstanding leader in developing solutions and services that are private, secure, and compliant by design for higher education institutions. We stay up to date on the constant evolution of requirements and standards, as well as scan the horizon to identify future challenges and opportunities. Our knowledge and experience enables us to develop and support products that not only meet but surpass industry standards to stay ahead of the curve.

TouchNet Develops, Tests, and Trains for Privacy, Security, and Compliance

TouchNet products are developed using secure coding practices supported by a secure software development framework and policies that follow compliance by design principles.

Our solutions regularly undergo application security testing by both internal and external parties, which is supported by mature network security policies and continuous patching standards.

TouchNet is committed to providing industry leading education for clients and our staff. TouchNet staff are required to complete regular training on the latest security measures and cybersecurity tactics, including phishing and other social engineering attacks.

TouchNet Achieves Certifications and Follows Standards

TouchNet meets Systems and Organization Controls (SOC) standards. We are audited annually by an independent firm and have achieved SOC 2 Type II and SOC 1 Type II certifications, and clients can easily access these reports, within the TouchNet Client Community.

We undergo the Payment Card Industry (PCI) validation process to maintain our status as a Level 1 Service Provider, and are compliant with the PCI Data Security Standards (PCI-DSS), PCI Software Security Standard (PCI-SSS), and Secure Software Life-Cycle (PCI-SSLC). Our certification can be viewed on the PCI website.

We securely process ACH payments in accordance with Nacha regulations. Our technology and employees work to prevent and mitigate fraud and other risks.

TouchNet's Data Privacy Framework certification ensures a structured approach and signaling trust that Personal Information is handled accordingly to the requirements of GDPR and other global privacy laws, including the US.

TouchNet has enrolled in the GovRAMP Progressing Security Snapshot Program for our U.Commerce, OneCard, and Platform Reporting solutions. Listings can be found at GovRAMP Authorized Products List. GovRAMP compliance meets requirements in Texas, Arizona, California, Indiana, New York, North Carolina, Oregon, and many others (view full list).

TouchNet is a Federal Student Aid Third Party Servicer (FSA-TPS) under the Department of Education regulations, and complies with applicable Department of Education regulations, including the Title IV Cash Management regulations.

HECVAT

Institutions look to the Higher Education Community Vendor Assessment Toolkit (HECVAT) to ensure vendors are meeting security and privacy standards. TouchNet's participation with the HEVCAT process ensures our commitment to security and privacy by completing such assessments.

TouchNet respects the privacy of student education records and complies with the Family Educational Rights and Privacy Act (FERPA). TouchNet never markets to students or sells personally identifiable information.

Industry accessibility standards are used to guide TouchNet software development, including the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines (WCAG 2.2 AA). TouchNet has VPATs available for clients. Visit our Accessibility webpage for more information.

TouchNet manages clients’ personally identifiable information in accordance with applicable law. Visit the TouchNet Privacy Notice to learn more about how we collect, use, disclose, and dispose of personally identifiable information.

Resources

Guarding Higher Ed's Data Goldmine

 

Privacy, security, and compliance have a complicated relationship made more complex by new technology and new risks. Download this ebook to learn how to manage privacy, security, and compliance and build a foundation for combating fraud and other risks.

LEARN MORE

Back to the Basics of Payment Compliance

 

Payments compliance on campus is complex. Managing the complexity and simplifying it starts with understanding the basic terms, concepts, and governing bodies involved in payments compliance.

LEARN MORE

Lakehead University improves PCI compliance with PCI Services

 

Lakehead University achieved and maintains PCI compliance with TouchNet’s payments processing compliance solution.

LEARN MORE

Ready to get started on your journey?

Contact us

Our Privacy Notice has been updated!
We have updated our Privacy Notice to improve the readability and to account for recent developments in privacy laws.
By continuing to use the website, you acknowledge your receipt and acceptance of the updated Privacy Notice.