Credit Card Law
Posted 14 November 2006 - 08:32 AM
Great forum, thanks!
Posted 14 November 2006 - 09:10 AM
Protecting Personal Information in Third Party Hands: An Overview of Legal Requirements
Margaret P. Eisenhauer
6 January 2006
RSS White Paper on Enterprise Identity Theft
The Gramm-Leach Bliley Act
California Privacy Legislation
AB 1950 in particular
Realize that the laws are still somewhat vague, but however vague, they essentially require you to make an effort to protect stored personal information. If you do not take reasonable measures to protect the data you collect and store, you could be be held liable based upon implied fiduciary responsibility.
And that is not just your client, but you the vendor as well.
IMHO, the basic steps are at minimum: Make sure the database is secure, passwords are controlled and changed regularly and the cc nums are encrypted inside the table.
Edited by Jozian, 14 November 2006 - 09:15 AM.
Posted 14 November 2006 - 09:22 AM
Thank you for the thorough response, more detail than I was expecting or getting anywhere else. I will read through the links you have sent me. Thank you again.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users