The client pays you. So voice your concerns (if you fear legal issues coming from it, record yourself giving the concerns) and then do what they say. It's called CYA for a reason. :)
On Fri, Apr 17, 2009 at 6:41 AM, Richard White <[email protected]> wrote: > > hi > > our clients run tests on patients for research purposes. > > As part of their data protection they are 'told' to not keep personal > identifiers (patient first name, last name, dob etc...) in the same database > as their test data. > > we have created a cf application that uses all cf security we know about, the > database is stored on a seperate mysql vps, it can only be accessed via the > cf app, and the the cf app controls individual access to the personal data > (if someone does not have rights then they cannot read or write to the > personal data) > > however we are getting pressure from places to split the data into 2 database > as it doesnt fit in with the 'terminology' > > personally i am struggling with the need to split it into 2 databases. > > i would appreciate your opinions on this as my opinion is: > > - our cf application handles all of this and i don't see that placing them in > seperate databases will make it more secure > > - even if they are in separate databases... if they are stored on the same > MySQL VPS then someone will be able to piece them together if they get into > the backend anyway > > - if the 2 databases are stored on separate MySQL VPS's would this not open a > security issue. and if someone gets into our cf app code then they will see > the details of both the databases anyway and again can piece it together > > - we also discussed encrypting the data in the personal identifier columns in > another thread > (http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:59153) where > the outcome was that encryption would not provide any real benefit, and was > therefore not necessary. > > thanks for your opinions > > richard > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:321764 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
