Skip to main content

💼 3.1 Keep cardholder data storage to a minimum by implementing data retention and disposal policies.

ID: /frameworks/pci-dss-v3.2.1/03/01

Stats

not available

Description

Procedures and processes that include at least the following for all cardholder data (CHD) storage:

Limiting data storage amount and retention time to that which is required for legal, regulatory, and/or business requirements
Specific retention requirements for cardholder data
Processes for secure deletion of data when no longer needed
A quarterly process for identifying and securely deleting stored cardholder data that exceeds defined retention.

Similar

Sections
- /frameworks/pci-dss-v4.0/03/02/01
Internal
- ID: dec-c-6e0d6f02

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 3.2.1 Account data storage is kept to a minimum through implementation of data retention and disposal policies, procedures, and processes.			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 3.2.1 Account data storage is kept to a minimum through implementation of data retention and disposal policies, procedures, and processes.			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS RDS Cluster Backup Retention Period is less than 7 days🟢	1	🟢 x6	no data

Stats
Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (1)