Security Basics mailing list archives
RE: E-Commerce Compliance Requirements
From: Matthew Reed <mreed () cgx com>
Date: Fri, 6 May 2011 07:25:09 -0500
If you are taking credit card information, PCI will likely be the top priority. You also will have to investigate to find out if you are taking any PHI (Protected Health Information). While this is not usually the case, many people do not account for it or understand what PHI is. Any data that links a person to their physician, ailment or coverage is likely in scope for HIPAA. I have seen quite a few e-commerce solutions that collect heath information, you will want to confirm that is not in your scope. If it is, you will need to learn about HIPAA. If the company is publicly traded and the e-commerce revenue is considered direct billing, then this may likely be considered an accounting application and SOX (Sarbanes-Oxley) would come into play as well. Matthew Reed, GSEC, GCIH, CHPSE -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of dysprosphor () gmail com Sent: Thursday, May 05, 2011 10:56 PM To: security-basics () securityfocus com Subject: E-Commerce Compliance Requirements Hi guys, I've got a question, the company I work at deals with a high-volume of e-commerce transactions for both mobile and web platforms, could you pinpoint some of the regulatory standards I should be looking at? Thanks in advance! ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ NOTICE: This message, as well as any attached document, contains information from Consolidated Graphics, Inc. that is confidential and/or privileged, or may contain attorney work product. The information is intended only for the use of the addressee(s) named above. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, forwarding, printing, copying, disclosure, or the taking of any action in reliance on the contents of this message or its attachments is strictly prohibited, and may be unlawful. If you have received this message in error, please destroy all copies (in any form) of this message and its attachments, if any, without disclosing the contents, and notify the sender immediately. Unintended transmission does not constitute waiver of the attorney-client privilege or any other privilege. Unless expressly stated in this email, nothing in this message should be construed as a digital or electronic signature. Thank you for your cooperation. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re:E-Commerce Compliance Requirements dysprosphor (May 06)
- <Possible follow-ups>
- E-Commerce Compliance Requirements dysprosphor (May 07)
- RE: E-Commerce Compliance Requirements Matthew Reed (May 07)
- Re: E-Commerce Compliance Requirements Jeffrey Walton (May 06)
- RE: E-Commerce Compliance Requirements Hung Lee (May 07)
- RE: E-Commerce Compliance Requirements Jacob (May 10)
- RE: E-Commerce Compliance Requirements Matthew Reed (May 07)
- RE: E-Commerce Compliance Requirements Alex Bolante (May 07)