Storing Customer Details Securely - Laws - standards
I am creating a site that will be used to hold information about customers and their credit cards. I will not be storing or processing PAN (Primary account numbers) in any way, so I know PCI-DSS (Payment Card Industry - Data Security Standards) do not apply. But does anyone know of any regulations regarding storing customer data in a database?
The Data Protection Act is a bit vague - I can't seem to find information regarding specifics. For instance, I've been told that if you are holding customer data it needs to be on a separate server to the website. Is this true?
Does anyone know of any specific documents / standards regarding storing customer information entered through the web?
Any help would be appreciated. Thanks.