V G gmail.com> writes:
>
> Hi all,
>
> I'm going to be deploying a web service on some random paid webhost
> involving a PostgreSQL database with sensitive medical patient information.
> The database will be accessed by my frontend PHP web application with a set
> of defined users.
>
> Since the database holding patient data is sitting on a 3rd party webhost,
> I don't want the data in the database to be cleartext that the webhosting
> company can see. What's the best way to encrypt the data?
>
> 1. Does PostgreSQL have any database encryption features you guys would
> recommend? The problem with this is that anyone sitting on the webhosting
> company's side can intercept the authentication if they really wanted to,
> so in principle, it's not secure.
>
> 2. One way is to do a "password" type symmetric key encryption on the
> client side via javascript and send and store the encrypted data to the
> remote database. This means I have to distribute the key to the doctor I'm
> researching for and his team by hand.
>
> I'm leaning towards the client side password-based symmetric key
> encryption. What do you guys think?
>

This question has more to it than "just" asking a list, even if it is the
PICList. Sensitive medical information storage/access should follow HIPAA
regulations. I believe it is even more stringent: it HAS to follow HIPAA, at
least in the US. Since the penalty for failure to do so is fairly high, I
would start with reviewing these regulations and best practices.

I am pretty sure hosting on a "3rd party webhost" does not meet information
security requirements. There are plenty of dedicated hosting options.

Good luck,

Sergey Dryga
http://beaglerobotics.com

--
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
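
The option the question above leans towards (a passphrase-derived symmetric key used on the client, so the host stores only ciphertext), as an added example that is not part of the original thread. The function names, the PBKDF2 iteration count and the sample record are assumptions; the code uses WebCrypto, which is available in browsers and in Node.

```javascript
// Added example: function names, iteration count and sample data are assumptions.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;
const ITERATIONS = 600000; // PBKDF2-HMAC-SHA256 work factor (assumed; tune to client hardware)

async function deriveKey(passphrase, salt) {
  const material = await wc.subtle.importKey(
    'raw', new TextEncoder().encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: ITERATIONS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Returns the only value the server stores: base64(salt || iv || ciphertext+tag).
async function encryptRecord(passphrase, record) {
  const salt = wc.getRandomValues(new Uint8Array(16));
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh per record, never reused
  const key = await deriveKey(passphrase, salt);
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(JSON.stringify(record))));
  return btoa(String.fromCharCode(...salt, ...iv, ...ct));
}

// Throws if the passphrase is wrong or the stored blob was modified (GCM tag check).
async function decryptRecord(passphrase, b64) {
  const blob = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  const key = await deriveKey(passphrase, blob.slice(0, 16));
  const pt = await wc.subtle.decrypt(
    { name: 'AES-GCM', iv: blob.slice(16, 28) }, key, blob.slice(28));
  return JSON.parse(new TextDecoder().decode(pt));
}

// Constructed sample data: round trip, wrong passphrase, tampered stored blob.
async function demo() {
  const pass = 'correct horse battery staple';
  const record = { patientId: 'P-0001', note: 'constructed sample note' };
  const stored = await encryptRecord(pass, record);
  const back = await decryptRecord(pass, stored);
  const outcome = (p) => p.then(() => 'accepted', () => 'rejected');
  const wrongPass = await outcome(decryptRecord('guess', stored));
  // Change one base64 character inside the ciphertext region.
  const tampered = stored.slice(0, 40) + (stored[40] === 'A' ? 'B' : 'A') + stored.slice(41);
  const tamper = await outcome(decryptRecord(pass, tampered));
  return { leaksPlaintext: atob(stored).includes('P-0001'), back, wrongPass, tamper };
}
```

Because the webhost also serves the JavaScript that performs the encryption, this keeps stored data opaque only as long as the host does not alter that script, and the passphrase still has to reach the doctor's team out of band, as the question notes.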