Reply to post: Re: Does there need to be an obligation to "encrypt" ?

TalkTalk attack: 'No legal obligation to encrypt customer bank details', says chief

Gordon 10 Silver badge

Re: Does there need to be an obligation to "encrypt" ?

PCI-DSS only covers credit cards so Talk Talk are technically correct about not having to encrypt Bank Account details. I suspect however they are going to be part of the case law that leads to Bank account details being encrypted as "reasonable" under the data protection act.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021