On Mon, Apr 4, 2011 at 5:16 AM, Richard White <rich...@j7is.co.uk> wrote:
> basically our security entails a VPN between the database server and > software server, firewalls, application firewalls, an SSL between the client > machine and software server, and all of the usual CF security... however > there are rules in some countries that medical data must be encrypted in the > database, i agree that i cannot see the threat this directly targets! I'd look a little deeper into the specific requirement before going to a blanket goal to "encrypt everything". I suspect only certain medical data needs to be protected, and/or only personally identifiable medical information. Primary keys (for example) are not medical information. -Cameron -- Cameron Childress Sumo Consulting Inc http://www.sumoc.com --- cell: 678.637.5072 aim: cameroncf email: camer...@gmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:343528 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm