Re: HIPAA

On Mon, Mar 08, 2004 at 12:07:23PM +0000, Silvana Di Martino wrote:

> This seems to give to this "db encryption" issue the status of "global
> relevance" that would deserve a more systematic approach. I mean: no
> homegrown solutions - rather have the community to develop a specific,
> standard extension of PostgreSQL and put it into the distro.

Just to throw another wrench into the works, you might want to think
about some of the observations on what data you _really_ need that
are in Peter Wayner's _Translucent Databases_ (Flyzone Press, 2002.
ISBN 0-9675844-1-8).  Many of the techniques are not particularly
novel, but the discussion in the beginning about deciding just which
data you _really_ need is, I think, very helpful.  There's a tendency
to collect data just because one can, and the new data protection
laws are an attempt to find a techno fix to the problem.  (I still
like it that someone is spending some time on improving the crypto
stuff, though.)

A

--
Andrew Sullivan  | ajs@crankycanuck.ca
The fact that technology doesn't work is no bar to success in the marketplace.
        --Philip Greenspun