Re: HIPAA

On March 8, 2004 09:07, Andrew Sullivan wrote:
> On Mon, Mar 08, 2004 at 12:07:23PM +0000, Silvana Di Martino wrote:
> > This seems to give to this "db encryption" issue the status of "global
> > relevance" that would deserve a more systematic approach. I mean: no
> > homegrown solutions - rather have the community to develop a specific,
> > standard extension of PostgreSQL and put it into the distro.
>
> Just to throw another wrench into the works, you might want to think
> about some of the observations on what data you _really_ need that
> are in Peter Wayner's _Translucent Databases_ (Flyzone Press, 2002.
> ISBN 0-9675844-1-8).  Many of the techniques are not particularly
> novel, but the discussion in the beginning about deciding just which
> data you _really_ need is, I think, very helpful.  There's a tendency
> to collect data just because one can, and the new data protection
> laws are an attempt to find a techno fix to the problem.  (I still
> like it that someone is spending some time on improving the crypto
> stuff, though.)
>
> A

Many, many moons ago when I was young and stupid, I was in an intelligence
trade in the Cdn Navy - COMINT/SIGINT.

it never ceases to amaze me at how consistantly people underestimate the
information that can be taken from a datum - especially when aggrigated with
data from other sources.