mailing list archives
Re: Data retention Policy
From: rohnskii () gmail com
Date: 10 Oct 2007 06:48:45 -0000
This article was a bit of a PCI surprise.
http://www.securityfocus.com/news/11491 - Retailers look to exorcise credit-card data
http://www.securityfocus.com/columnists/450 - This is not PCI related, it is data retention specific. It it is rather
unnerving if it is followed through with.
Take a look at the PCI spec's. Translated and condensed, the PCI rules should provide the basis of your PCI policy.
You might want to check with some of the "Policy Professional". These guys are the only one I have a handy hyperlink