On Wed, 2012-06-27 at 08:59 -0400, V G wrote:
> >
> No one's inventing encryption systems. I'm making use of standard AES
> encryption and choosing what gets encrypted and what doesn't.
>=20
> The data itself doesn't really matter. The important part is WHO the data
> belongs to - the names. If the names themselves can't be deciphered, then
> it should be good enough. What data is related to the names doesn't matte=
r.
> The whole thing can be looked at as a key-value database with the key bei=
ng
> names and the value being a bunch of numbers/blob text/etc. The value
> itself is meaningless.
>=20
> Example data: smokes, has cancer, enlarged left atrium, is an electrical
> engineer.
>=20
> That data in itself is useless. This isn't some secret government
> organization thing, so no one really cares about it in the first place, n=
or
> is anyone targeting it, nor would anyone spend any time trying to get it.
> I'm just being over cautious about this whole thing by nature.

OMG, are you being serious here?

This is MEDICAL data you are talking about.

"Smokes, has cancer, is an electrical engineer". If your DB got out,
with this sort of stuff available you would be in ALOT of trouble.

Maybe data like that doesn't matter much to you, but how about the
person it DOES belong to? Even without names (which doesn't say much due
to how easy it often is to associate "annonymized" data with names) this
is NOT the kind of data to be treated in such a half hazard way.

I really think you need to consult someone who's familiar with what's
legally required as to the safe guarding of confidential medical data. I
think you will find that "removing the names" is not for one second
considered good enough.

TTYL

--=20
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
.