What are the settings I need to pay special attention to when deploying the Oracle B2C Service application into a PCI or HIPAA compliant environment?
Oracle B2C Service with either PCI Cloud Service and/or HIPAA Cloud Service
Paramount to implementing Oracle B2C Service for PCI or HIPAA compliance is the knowledge of features and system boundaries for protecting regulated data. When entrusting sensitive data to a cloud environment, customers must understand the environment when moving data in and out as well as the governing controls.
If you are you setting up your Service Cloud instance for use in a PCI or HIPAA regulated environment, we have a guide that describes the various settings and controls applicable to these regulated environments so you can understand what deployment considerations need to be addressed.
If you have implemented Service Cloud for PCI or HIPAA, best practices suggest you should periodically check to make sure you are up to date. Our deployment guide highlights the settings and controls you should understand and determine applicability for your needs.
The deployment guides "Deploying PCI and HIPAA" can be found in the Securing Oracle B2C Service documentation.
For additional information, please see the PCI DSS Responsibility Matrix.