hi our clients run tests on patients for research purposes.
As part of their data protection they are 'told' to not keep personal identifiers (patient first name, last name, dob etc...) in the same database as their test data. we have created a cf application that uses all cf security we know about, the database is stored on a seperate mysql vps, it can only be accessed via the cf app, and the the cf app controls individual access to the personal data (if someone does not have rights then they cannot read or write to the personal data) however we are getting pressure from places to split the data into 2 database as it doesnt fit in with the 'terminology' personally i am struggling with the need to split it into 2 databases. i would appreciate your opinions on this as my opinion is: - our cf application handles all of this and i don't see that placing them in seperate databases will make it more secure - even if they are in separate databases... if they are stored on the same MySQL VPS then someone will be able to piece them together if they get into the backend anyway - if the 2 databases are stored on separate MySQL VPS's would this not open a security issue. and if someone gets into our cf app code then they will see the details of both the databases anyway and again can piece it together - we also discussed encrypting the data in the personal identifier columns in another thread (http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:59153) where the outcome was that encryption would not provide any real benefit, and was therefore not necessary. thanks for your opinions richard ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:321722 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
