In addition to our Planning Center Security Practices and Procedures, we take some extra precautions for Giving. Only a specific permission grants access to Giving, and every change made to Giving access is recorded in the system logs.
Like any merchant that handles credit card payments, Planning Center must comply with Payment Card Industry Data Security Standards (PCI DSS, or PCI for short). Planning Center is a Level One compliant merchant. Our Attestation of Compliance documentation is available upon request at firstname.lastname@example.org.
In practice, we go well beyond what basic security frameworks require. For example:
- Instead of the scheduled, narrowly scoped penetration testing these security frameworks require, we conduct ongoing penetration testing through HackerOne's open bounty program.
- We require local two-factor authentication (hardware keys, fingerprint scanners, etc.) for any employee who accesses customer data in the course of providing customer support.
- Although the General Data Protection Regulation (GDPR) applies only to customers within the EU, we hold to this standard for all customers, even though 95% of them are in the US.
Planning Center has one overarching permission with access to all applications: the Organization Administrator. However, an Organization Administrator does not have access to Giving by default, because Giving access is more tightly controlled. Even an Organization Administrator must be explicitly granted permission to access Giving.
To gain access to Giving, a person must be added by an existing Giving Administrator. When a new Giving Administrator is added, all other Giving Administrators are emailed about the change. When someone's Giving access is revoked, they must be added back by a current Giving Administrator, even if they are the person who originally created the account.
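As an added illustration (not Planning Center's own code, which is not shown on this page), the following Python model encodes the Giving access rules described above: Organization Administrator status alone never grants Giving, only a current Giving Administrator can add or remove one, every change is written to an audit log, and the other Giving Administrators are notified. The `Org` class, the `bootstrap` step for the very first administrator and all person names are hypothetical.

```python
from dataclasses import dataclass, field


class GivingAccessDenied(Exception):
    """Raised when the actor is not a current Giving Administrator."""


@dataclass
class Org:
    org_admins: set = field(default_factory=set)      # Organization Administrators
    giving_admins: set = field(default_factory=set)   # Giving Administrators (separate set)
    audit_log: list = field(default_factory=list)     # (action, actor, target) tuples
    outbox: list = field(default_factory=list)        # (recipient, message) emails

    def is_giving_admin(self, person: str) -> bool:
        return person in self.giving_admins

    def bootstrap_giving_admin(self, person: str) -> None:
        # Hypothetical setup step: only the first Giving Administrator is self-declared.
        if self.giving_admins:
            raise GivingAccessDenied("Giving already has administrators; ask one of them")
        self.giving_admins.add(person)
        self.audit_log.append(("bootstrap_giving", person, person))

    def _require_giving_admin(self, actor: str) -> None:
        # Org Admin membership is deliberately NOT checked: it carries no Giving rights.
        if actor not in self.giving_admins:
            raise GivingAccessDenied(f"{actor} is not a Giving Administrator")

    def grant_giving(self, actor: str, target: str) -> None:
        self._require_giving_admin(actor)
        self.giving_admins.add(target)
        self.audit_log.append(("grant_giving", actor, target))
        # Email every Giving Administrator other than the person just added.
        for admin in sorted(self.giving_admins - {target}):
            self.outbox.append((admin, f"{actor} granted Giving access to {target}"))

    def revoke_giving(self, actor: str, target: str) -> None:
        self._require_giving_admin(actor)
        self.giving_admins.discard(target)
        self.audit_log.append(("revoke_giving", actor, target))
        for admin in sorted(self.giving_admins):
            self.outbox.append((admin, f"{actor} revoked Giving access from {target}"))


def denied(fn, *args) -> bool:
    """Helper for checks: True if the call was refused by the Giving rules."""
    try:
        fn(*args)
    except GivingAccessDenied:
        return True
    return False
```

Once `carol` (the original administrator) is revoked, she cannot re-add herself or re-bootstrap; another current Giving Administrator must add her back.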