Re: Database Encryption (now required by law in Italy)
| От | Dave Ewart |
|---|---|
| Тема | Re: Database Encryption (now required by law in Italy) |
| Дата | |
| Msg-id | 20040305121254.GK13042@nemesis.ox.icnet.uk обсуждение исходный текст |
| Ответ на | Re: Database Encryption (now required by law in Italy) (Silvana Di Martino <silvanadimartino@tin.it>) |
| Ответы |
Re: Database Encryption (now required by law in Italy)
Re: Database Encryption (now required by law in Italy) |
| Список | pgsql-admin |
On Friday, 05.03.2004 at 12:52 +0000, Silvana Di Martino wrote: > Deciding which data are relevant is not easy. The law stipulates that all of > the "personal data" have to be encrypted and that "personal data" are the > data that allow a "spy" to infer any of the following information about a > person: > - identity > - age > - health status > - political orientation > - religious faith > - address > - phone number > - email address > - and a few more... Interesting - of course some of the above, such as age, political orientation and religious faith are NOT personal data if the other identifying information is absent (e.g. you know that someone aged 35 is a Communist and a Christian - not terribly helpful on its own). The exception to that rule is where there are very few people having the characteristics in question. But as you say, encrypting 'the whole database' in some way is probably safest ... If you find any 'automated' front-end to do this at the database-level, rather than something like loopback at the filesystem level or at the field level for specific fields, I think there would be a lot of interest. Dave. -- Dave Ewart Dave.Ewart@cancer.org.uk Computing Manager, Epidemiology Unit, Oxford Cancer Research UK PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370
В списке pgsql-admin по дате отправления: