There is a way of encrypting the data files stored on the server to harden them against direct access or hacking.
The website is in /var/www as usual and uses PHP to access data on another drive mounted as /home/data if that is any help. I coded up the site myself and with my level of coding I doubt it it is uncrackable.
I'm also concerned that someone may gain physical access to the computer, and get access to the data that way.