A key tool for businesses that handle customer credit card information is the payment card industry data security standard (PCI DSS). It's essentially a set of rules that companies handling credit card information need to adhere to.
By not adhering to compliancy rules, a business runs the risk of losing customer trust.