by definitelyauser 961 days ago
Health data primarily.

You aim to encrypt the fields you can, without hampering usability too much.

Anything you need to be able to search for (name, SSN) to find patients, or filter on for reports, is generally plaintext.

More sensitive things such as "that patient has AIDS", you'll have to decide if you want to encrypt it, or do a massive select from the DB anytime you need statistics on it. (Or better yet, encrypt it, but store an anonymized tracker elsewhere. But this is less useful for curable diseases.)


Oh, I forgot about that indeed. I guess the proposed solution in the article would not even be useful, since filtering on an encrypted boolean would not work and there is no way to "hide" this value.

Is it okay if everything is plaintext but the name? In that case you have a row of sensitive data without anything to link to the actual patient if it leaks.

Sometimes the fact that someone is a patient is sensitive. E.g., an abortion clinic.
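
The "encrypt it, but store an anonymized tracker elsewhere" layout from the first comment, as an added example that is not part of the thread. The table and column names, the diagnosis codes and the sample rows are constructed, and it assumes SQLite plus Fernet from the third-party `cryptography` package as the field cipher.

```python
import sqlite3
from cryptography.fernet import Fernet  # assumption: 'cryptography' package is installed

SCHEMA = """
CREATE TABLE patients (
    id            INTEGER PRIMARY KEY,
    name          TEXT NOT NULL,   -- plaintext: staff need to search on it
    diagnosis_enc BLOB             -- ciphertext: never filtered on in SQL
);
CREATE TABLE diagnosis_stats (     -- the anonymized tracker: no patient id at all
    code  TEXT NOT NULL,
    month TEXT NOT NULL,           -- coarse period only, no exact timestamp to correlate
    n     INTEGER NOT NULL,
    PRIMARY KEY (code, month)
);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def record_diagnosis(db, fernet, patient_id, code, month):
    """Encrypt the per-patient value and bump the unlinked counter in one transaction."""
    with db:
        db.execute("UPDATE patients SET diagnosis_enc = ? WHERE id = ?",
                   (fernet.encrypt(code.encode()), patient_id))
        db.execute("INSERT INTO diagnosis_stats (code, month, n) VALUES (?, ?, 1) "
                   "ON CONFLICT(code, month) DO UPDATE SET n = n + 1",
                   (code, month))

def count(db, code):
    """Statistics come from the tracker: no decryption and no scan of patients."""
    row = db.execute("SELECT COALESCE(SUM(n), 0) FROM diagnosis_stats WHERE code = ?",
                     (code,)).fetchone()
    return row[0]

def demo():
    fernet = Fernet(Fernet.generate_key())  # in practice the key lives outside the database
    db = open_db()
    db.executemany("INSERT INTO patients (id, name) VALUES (?, ?)",  # constructed rows
                   [(1, "Alice Example"), (2, "Bob Example"), (3, "Carol Example")])
    for pid, code, month in [(1, "DX-A", "2021-03"), (2, "DX-A", "2021-04"), (3, "DX-B", "2021-04")]:
        record_diagnosis(db, fernet, pid, code, month)
    return db, fernet

if __name__ == "__main__":
    db, _ = demo()
    print("DX-A:", count(db, "DX-A"), "DX-B:", count(db, "DX-B"))
```

A counter of 1 still points at one person for anyone who knows the patient list, so reports built on such a table usually suppress small cells.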