Database Reference
In-Depth Information
Tablespace encryption is a good alternative to column-based transparent data
encryption if your tables contain sensitive data in multiple columns, or if you
want to protect the entire table and not just individual columns.
Tablespace encryption encrypts all data stored in an encrypted tablespace. This
includes internal large objects (LOBs) such as binary large objects (BLOBs) and
character large objects (CLOBs).
Transparent Data Encryption encrypts the data as it is written to disk. Data is
transparently decrypted as it is retrieved from the disk for an authorized user.
The user is not aware of the fact that the data is being encrypted and decrypted.
However, if the backup media gets lost or stolen, the data is not compromised.
It is very important to note that this protects the data in the files. If you have an
intruder penetrating as far as your filesystem, or your backups get lost, the data
in those files is secure. However, if someone gets access to a running database,
they can see the information in the clear.
Healthcare Information Portability and
Protection Act (HIPPA)
Title II of HIPPA, known as the Administrative Simplification (AS) provisions,
requires the establishment of national standards for electronic health care
transactions and national identifiers for providers, health insurance plans, and
employers. This is intended to help people keep their information private.
We will take you through the duties imposed by HIPPA. We will also help you
identify information that is subject to HIPPA and explain some of the protections
afforded by the applications and technologies to protect this data.
In order to quote a little from the legislation, a paraphrasing from section 1173 is
as follows:
"Each person who maintains or transmits health information shall maintain
reasonable and appropriate administrative, technical, and physical safeguards:
• to ensure the integrity and conidentiality of the information
• to protect against any reasonably anticipated
° threats or hazards to the security or integrity of the information
° unauthorized uses or disclosures of the information
• otherwise to ensure compliance with this part by the oficers and employees
of such a person."
 
Search WWH ::




Custom Search