Re Ola's point, I suggest we go for the option with a property on attribute discriminating between "confidential" and not confidential attributes. Then we can put these into separate tables and encrypt the confidential ones. Suggest that confidential attributes are simply not available in "analysis" reports (ie. tabular report). This will be difficult since we cannot access this data using plain SQL anymore, and it will be a way to circumvent security in any case. They must be available in person search of course.
-- Mailing list: https://launchpad.net/~dhis2-devs-core Post to : [email protected] Unsubscribe : https://launchpad.net/~dhis2-devs-core More help : https://help.launchpad.net/ListHelp
