My HR dept. is asking if they can have a job application form be built that would feed into a database.
My concern with this is with regards to security. I know you have to script properly to avoid injections and whatever techniques hackers might use.
From a bigger picture though, do we have to have certain certification in place for handling sensitive info?
Social Security Numbers is the first thing that comes to mind.
Handing sensitive info is new to me, so I'm muddling through it all right now reading HITECH certification and if that applies or whatever else we have to do to get and maintain compliance.
Any feedback is appreciated.