Overview of Deploying B2C Service in a Controlled Environment

For added protection, B2C Service can be hosted within cloud environments that align with payment card, health insurance, and U.S. government regulatory control frameworks.

Within the Oracle cloud environment, Oracle monitors and protects the operational information as well as the physical infrastructure. Oracle applies industry standard practices and current technology to aid in the protection and safety of your data. The information in these sections provides guidance on deploying B2C Service in a manner that suits several regulations. It is meant for anyone involved in building a solution that implements any of these regulatory environments:

• B2C Service in a Payment Card Industry (PCI)

• Health Insurance Portability and Accountability Act (HIPAA)/Health Information Technology for Economic and Clinical Health (HITECH) Act

• Federal Risk and Authorization Management Program (FedRAMP)

Note: Authorize To Operate (ATO) support from a U.S. Cloud Operations public sector compliance analyst is included when purchasing Oracle Government Cloud Platform. We include reference to FedRAMP inthis document because it is also a PCI attested environment, so the controls described here apply and may offer assistance.