From: | Moreno Andreo <moreno(dot)andreo(at)evolu-s(dot)it> |
---|---|
To: | pgsql-general(at)lists(dot)postgresql(dot)org |
Subject: | Re: Key encryption and relational integrity |
Date: | 2019-04-01 18:09:51 |
Message-ID: | da43aabb-f344-a23c-93da-25f0476fca0f@evolu-s.it |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Il 29/03/2019 20:23, Adrian Klaver ha scritto:
> On 3/29/19 9:01 AM, Moreno Andreo wrote:
>
>> And I tried to find a solution, and since I did not like that much
>> what I found (and it seems that neither you do :-) ), I came here
>> hoping that someone would share his experience to shed some light on
>> the topic.
>
> From what you have posted the biggest issue you are having is less
> then real time search on patient names due to the need to meet
> pseudonymisation. To me that is always going to be a problem as there
> are two opposing forces at work, overhead to implement
> pseudonymisation vs quick lookup. Might be time to lower expectations
> on what can be done.
... or just do NOT meet pseudonimization at all, but try to enforce
other rules suggested bu GDPR.
Peter put in evidence a concept
"
The GDPR
doesn't say how to do that at all (the legislators were wise enough that
any attempt to do that would result in a mess). So you can't say "the
GDPR says we have to do it this way" (and if your consultant says that
it is probably time to get a different one). You have to consider all
the risks (and yes, an attacker getting access to some or all of the
data is a risk, but a doctor not being able to access a patient's
records is also a risk) and implement the best you can do considering
"the state of the art, the costs of implementation", etc.
"
that would be absolutely right. I'm not forced to use pseudonimysation
if there's the risk to get things worse in a system. I've got to speak
about these"two opposing forces at work" to a privacy expert (maybe
choosing another one, as Peter suggested :-) ) and ask him if it could
be used as a matter of declining pseudonymisation because of
"pseudonimysation puts at risk overall performance or database integrity"
What do you think?
>
>>
>>
>>> hp
>>>
>>
>>
>>
>>
>>
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Rory Campbell-Lange | 2019-04-01 18:48:11 | Re: Key encryption and relational integrity |
Previous Message | Michel Pelletier | 2019-04-01 17:55:11 | Re: Help with insert query |