[Phpwm] PCI DSS security standard
alan at dunns.co.uk
Thu Mar 27 10:42:21 GMT 2008
We wonder if others in the group are familiar with the 'Payment Card
Industry Data Security Standard' and if so does anyone have any
experience of being audited or gaining compliance certification for any
customer apps they are hosting?
Here is a direct quote from our client's email "all companies which
handle credit card data must be PCI DSS compliant by the end of March.
This is the Payment Card Industry Data Security Standard which all
companies have to comply with. It’s all really technical but the main
point is that if you are not compliant then the responsibility for any
fraud sits you with you and not with the banks"
Here is a link: http://www.itgovernance.co.uk/pci_dss.aspx
The issue of 'responsibility for fraud' certainly raises some
interesting contractual questions about the consequences of hosting
customer data - especially credit card data.
This document originates from within Dunns Imaging Group Limited.
This message, together with any associated files, is intended only for
the use of the individual or entity to which it is addressed and may
contain information that is confidential, subject to copyright or
constitutes a trade secret. If you are not the intended recipient of
this communication you are hereby notified that any dissemination,
copying or distribution of this message, or of any files associated with
this message, is strictly prohibited.
If you have received this message in error, please notify us at once.
Dunns Imaging Group Ltd.
Registered Office: Chester Road Cradley Heath West Midlands B64 6AA.
Tel: 01384 564770
Registered in England 598527.
More information about the Phpwm