Re: SetHeader not Working

This WebDNA talk-list message is from 2006. It keeps the original formatting.
I see. I am sorry that I can't provide very good information. I am in a time crunch at work and I still have to take time off to handle my grandmother's funeral. I am not in good condition. I may not have the time to give you the exact info given my situation.

As far as being a credit card processor, it is advised not to store cc for company policy.

From a HIPAA standpoint, I know practices aren't supposed to store cc information, not even writing cc on paper.

I am not the direct source of knowing the exact law and regulation. My knowledge is received from those who are in some sort of training or seminar they attended.

I understand it seems to be a more serious concern.

I can't provide more concrete information at this time. If I run into anything in the future, I'll send the update to this list.

-----Original Message-----
From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf Of Brian Fries
Sent: Tuesday, June 20, 2006 11:01 AM
To: WebDNA Talk
Subject: Re: SetHeader not Working

Bess -

Many of us support sites that store credit card information, and have for a number of years. We have varying levels of security built in to our systems (encryption, password protection, temporary storage only, etc). If you have solid facts about any laws, regulations or security policies, and can point us at online or printed references to the real information, this would be greatly appreciated.

Simply stating that you are "in the credit card business" and we are not allowed to store credit card info without some mysterious certification, and to "just trust my word for now" isn't enough. Co-opting unrelated discussion subjects and using phrases like "I have to ask around", "I remember vaguely" and "may involve Sing Sing" erodes any useful information or insights you are trying to provide.

Cite your sources, if you have them, and we can determine whether our sites are in compliance, or how to make them so.

Brian Fries
BrainScan Software

On Jun 20, 2006, at 10:45 AM, Bess Ho wrote:

> I see you guys are really concerned about storing cc. I have to ask around because I am not so into it but am told about it.
>
> Violating HIPAA does involve Sing Sing (I remember vaguely).
>
> Identity Theft may involve Sing Sing.
>
> I guess the bottom line is you are more concerned about Sing Sing. Paying the fine is ok.
>
> -----Original Message-----
> From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf Of Dan Strong
> Sent: Monday, June 19, 2006 9:06 PM
> To: WebDNA Talk
> Subject: Re: SetHeader not Working
>
> Bess,
>
> HIPAA has to do with privacy relating to medical records (for American citizens):
> http://www.hhs.gov/ocr/hipaa/
>
> See how I cited a source for my info?
>
> Please do as John asked and cite your source.
>
> Thank you,
> -Dan
>
> On Mon, 19 Jun 2006 13:27:00 -0700
> "Bess Ho" wrote:
>> I have to check with someone here on my end. I can't remember the detail.
>>
>> However, I think there are other laws involved. I am only guessing it is related to HIPAA or Identity Theft...
>>
>> I tend to think it is not about a good practice but there are laws about it.
>>
>> -----Original Message-----
>> From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf Of John Peacock
>> Sent: Monday, June 19, 2006 12:26 PM
>> To: WebDNA Talk
>> Subject: Re: SetHeader not Working
>>
>> Bess Ho wrote:
>>> I lost my grandmother and I have to prepare and get ready for the funeral in next few wks.
>>
>> I'm sorry for your loss.
>>
>>> I can't recall all the detail. Just trust my word for now. It is not just a business policy.
>>
>> Are you thinking of the "Payment Card Industry Data Security Standards":
>>
>> http://tinyurl.com/5dzju
>>
>> (that's a link to Visa's pages, MasterCard has similar pages). The Secret Service is the government agency that investigates credit card fraud (but they don't get involved for anything less than $2000). The penalties under PCI/DSS are steep, but they are governed by *contract* law (i.e. the contract you signed, or more likely your CC aggregator, as a merchant), not *criminal* law.
>>
>> More to the point, here is a discussion on the Better Business Bureau's website:
>>
>> http://www.bbbonline.org/update/issue.asp?ID=59
>>
>> that discusses PCI/DSS in detail (skip past the promotional copy for their overpriced ScanAlert service), and the expensive costs of being uncertified after a data breach. Nothing in this article mentions any criminal statute covering this. PCI/DSS is a _voluntary_ regime set up and managed by the credit card companies, and enforcement is strictly due to the contracts that merchants have to sign. Anyone who is using a credit card consolidation service should check with them for what rules that they require of their "customers" (i.e. you).
>>
>> John
>>
>> -- 
>> John Peacock
>> Director of Information Research and Technology
>> Rowman & Littlefield Publishing Group
>> 4501 Forbes Boulevard
>> Suite H
>> Lanham, MD 20706
>> 301-459-3366 x.5010
>> fax 301-429-5748

-------------------------------------------------------------
This message is sent to you because you are subscribed to the mailing list .
To unsubscribe, E-mail to:
To switch to the DIGEST mode, E-mail to
Web Archive of this list is at: http://webdna.smithmicro.com/

Associated Messages, from the most recent to the oldest:

    
  1. Re: SetHeader not Working ( "Dan Strong" 2006)
  2. Re: SetHeader not Working ( "Bess Ho" 2006)
  3. Re: SetHeader not Working ( "Bess Ho" 2006)
  4. Re: SetHeader not Working ( Brian Fries 2006)
  5. Re: SetHeader not Working ( "Bess Ho" 2006)
  6. Re: SetHeader not Working ( Matthew Bohne 2006)
  7. Re: SetHeader not Working ( "Dan Strong" 2006)
  8. Re: SetHeader not Working ( Gary Krockover 2006)
  9. Re: SetHeader not Working ( Donovan Brooke 2006)
  10. Re: SetHeader not Working ( "Bess Ho" 2006)
  11. Re: SetHeader not Working ( "Bess Ho" 2006)
  12. Re: UCE: Re: SetHeader not Working ( Dale Lists 2006)
  13. Re: SetHeader not Working ( Dale Lists 2006)
  14. Re: SetHeader not Working ( Donovan Brooke 2006)
  15. Re: SetHeader not Working ( Sandie L Miller 2006)
  16. Re: SetHeader not Working ( Matthew Bohne 2006)
  17. Re: SetHeader not Working ( John Peacock 2006)
  18. Re: SetHeader not Working ( Matthew Bohne 2006)
  19. Re: SetHeader not Working ( Bob Minor 2006)
  20. Re: SetHeader not Working ( "Bess Ho" 2006)
  21. Re: SetHeader not Working ( John Peacock 2006)
  22. Re: SetHeader not Working ( "Bess Ho" 2006)
  23. Re: SetHeader not Working ( WJ Starck 2006)
  24. Re: SetHeader not Working ( Bob Minor 2006)
  25. Re: SetHeader not Working ( "Bess Ho" 2006)
  26. Re: SetHeader not Working ( Donovan Brooke 2006)
  27. Re: SetHeader not Working ( "Bess Ho" 2006)
  28. Re: SetHeader not Working ( WJ Starck 2006)
  29. Re: SetHeader not Working ( John Peacock 2006)
  30. Re: SetHeader not Working ( "Bess Ho" 2006)
  31. Re: SetHeader not Working ( Donovan Brooke 2006)
  32. Re: SetHeader not Working ( John Peacock 2006)
  33. Re: SetHeader not Working ( Donovan Brooke 2006)
  34. Re: SetHeader not Working ( Clint Davis 2006)
  35. Re: SetHeader not Working ( Clint Davis 2006)
  36. Re: SetHeader not Working ( WJ Starck 2006)
  37. SetHeader not Working ( Clint Davis 2006)
"Bess Ho"
