When Sara Lee Corporation began its initiative to comply with payment card industry (PCI) data security standards (DSS) two years ago, its security experts had a lot of questions about the requirements. According to Maurice Hampton, senior manager of information security architecture for the company, Sara Lee had to jump through a lot of hoops before it could even get a clear picture of what it would take to comply.