At 2:51 PM +0100 8/12/10, Ashley Sheridan wrote:
If you are storing the data in a DB, then I'd consider using different levels of access to that via different DB users, which should offer an extra layer of security in protecting the data.
Of course, the routines I'm writing provide several levels of access for different functions/job-duties. However, at some point there will be people who will have access to SS# data.
The real questions here are: 1. Is it lawful in the USA to store US SS# in an online database? 2. If it is lawful, then what security provisions are required? Cheers, tedd -- ------- http://sperling.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
