Does Laserfiche forms meet the requirements of Payment Card Industry Data Security Standard (PCI-DSS/PA DSS)
Question
Question
Replies
It appears that it is not unless you're using a compliant integration to handle the customer data/transactions.
The Forms Braintree and Authorize.net integrations collect all cardholder data within an Iframe and send it to a third party, so that the Laserfiche Forms Server does not store any cardholder data. This simplifies PCI compliance, as both Braintree and Authorize.net are PCI-compliant frameworks. You should still complete a Self-Assessment Questionnaire (SAQ) for PCI compliance validation
Configuring the Payment Gateway Integration (laserfiche.com)
I agree with what Kevin Wells has laid out. Also, in doing the PCI-DSS 3.x SAQ you will be able to make sure that your system is not storing any payment card data (redacted or not redacted).