There’s varying levels of security and encryption/decryption needed depending on what feidl you’re in. As an example, a real estate agency receiving enquiries about properties doesn’t need anywhere near the same security as a medical practitioner/office exchanging patient records electronically.

The only way to get a real answer is to get someone to do a proper audit of your site, systems and processes and see if they are compatible with whatever reculations you are meant to follow for your industry. You may just need to talk to your bank, but you may need more. Unfortuantely no one here can tell you that (and even if they could, it’s always a bad idea to take any form of legal advice off random peopel on the internet).

At the moment the plan is a site with membership premium content. I plan to only handle email addresses as i will need to have a means contact with the members. Payment will be via paypal.

Although i said ‘serious’ the site will still be a hobby so i have no pressure as to which direction the site will go. Im still at the very beginning so it wont be anything extravagant, but im a fast learner and want to do something with the skills ive learnt.

Other than that E Commerce would be the likely field i would hope to be in later down the track.

Any further advice appreciated.

Then ive found a plugin called WP mail SMTP that can send emails securely via gmail, yahoo etc

If i use this plugin, the outgoing emails from my site will be secured by using the softare provided by gmail or yahoo or whatever i select.

is my understanding correct?

to ask my question in simple terms; if ‘bobs fish&chips’ had a site with a contact form what security wolud he be required to implement?

thanks again