is it a PCI violation to store the expiration month/year of a customers CC (for the purpose of knowing when a CC expires and reminding the card holder to update their info)
Edit: I looked up the document, TL;DR - you don't need to encrypt the cardholder name, service code, or expiration date unless you are also storing an associated primary account number.