Re: tampering withelectronic health records

[Horst Herb]

> > Do you see a way to protect at the row or field level?
> Well, extract them by way of SQL statements, do the same
> procedure with the extracted data+the extract script and
> make sure you can extract the information later on.
>
> But this goes against the idea of a digital notary. A
> notary service' goal is to certify a certain status quo
> at a given point in time. It is not the right tool for
> preventing tampering with the in-use data at the
> application level. Just as a justice-in-peace isn't
> your factory security guard. Both serve the same
> ultimate goal - protect that which is yours - but
> they just ain't doing it the same way.

There are situations where you don't want to notarize your whole database,
just fractions of it. You might keep private annotations within your health
record database, for example. It would intrude into the "privacy" of your
private annotation if you would be forced to notarize them as well.

Of course, this would be bad database design.

Horst