> I'm no attorney or law professor but I would look > into being PCI compliant. I don't know if this is > exactly what you need, but it definitely couldn't > hurt and it is a very high level of security.
Hi Paul, we're pretty familiar with the PCI requirements (we work with a lot of e-commerce clients). Unfortunately PCI is more about the security of the network and the source code, but on this project we're looking at being able to verify that data hasn't been altered since it was entered into the database. For example, someone puts in a message on January 1, 2011 and in 2015 the message gets subpoenaed to court. An attorney could argue that the contents of that message could have been altered and is therefore inadmissible as evidence, so we'd need a way to show definitively that the record is accurate and has not been changed (and to be able to detect if it had been changed). Not the usual web development fare, unfortunately. -Justin ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:333097 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm