2

We have a healthcare application. It is in production. We want to make it HIPAA compliant. One of the requirements is to encrypt patient information. We are using the patient's last name, date of birth and social security number in various areas of the application. We provide autocomplete behaviour where the patient's last name field is used; we also provide search by last name and date of birth.

Can anyone suggest how we can encrypt these three columns in database, so that we don't have to change our existing code and queries?

Or if we can do it only changing application code?

Or if we can do it only changing database queries/stored procedures?

We are using ASP.NET (C#) and MS SQL Server 2008. Please let us know of any solution which would have very little impact on our existing code and queries.

3
  • Transparent Data Encryption Commented Oct 8, 2013 at 2:19
  • See that you already have an answer (comment) which fits the question. Now, on a related topic, do you have SSL set up? You want to limit unencrypted traffic as much as possible, especially when dealing with HIPAA and compliance issues. Commented Oct 8, 2013 at 4:21
  • TDE (Transparent Data Encryption) is a good option. I have a couple of confusions about it: if TDE is applied and someone connects using SQL Server Management Studio, will the data be visible to him as plain text or encrypted? And in which edition (Standard, Enterprise etc.) is this feature available? Commented Oct 8, 2013 at 5:11

1 Answer

1

Information regarding TDE (Transparent Data Encryption) is listed here (http://technet.microsoft.com/en-us/library/bb934049(v=sql.100).aspx).
