Thread: Re: Key encryption and relational integrity

Re: Key encryption and relational integrity

From
Adrian Klaver
Date:
On 3/28/19 7:29 AM, Moreno Andreo wrote:
> On 27/03/2019 07:42, Tony Shelver wrote:
>> Not in Europe, but have worked a bit with medical records systems in 
>> the USA, including sharing across providers.

>> The only other way to do it would be to store the encrypted key value 
>> in both user.id and medications.user_id.  That would 
>> encrypt the data and maintain relational integrity.
> Hmmm... if user.id and medications.user_id are the same, I can link user 
> with medication... and GDPR rule does not apply..... or am I missing 
> something?

Yes the link means that someone could use the medications.user_id to 
fetch the rest of the user information from the user table. Unless you 
encrypted that information also, which I gather you do not want to do 
for performance reasons.


-- 
Adrian Klaver
adrian.klaver@aklaver.com



Re: Key encryption and relational integrity

From
Moreno Andreo
Date:
On 28/03/2019 15:45, Adrian Klaver wrote:
> On 3/28/19 7:29 AM, Moreno Andreo wrote:
>> On 27/03/2019 07:42, Tony Shelver wrote:
>>> Not in Europe, but have worked a bit with medical records systems in 
>>> the USA, including sharing across providers.
>
>>> The only other way to do it would be to store the encrypted key 
>>> value in both user.id and medications.user_id.  
>>> That would encrypt the data and maintain relational integrity.
>> Hmmm... if user.id and medications.user_id are the same, I can link 
>> user with medication... and GDPR rule does not apply..... or am I 
>> missing something?
>
> Yes the link means that someone could use the medications.user_id to 
> fetch the rest of the user information from the user table. Unless you 
> encrypted that information also, which I gather you do not want to do 
> for performance reasons.
>
>
Yes, but to be GDPR compliant I _have_ to remove that link. As you 
reported in an earlier email, they say that you can't link patient and 
medication if not with an external resource. In this case we are linking 
them without an external resource....

Wandering on the web I also bumped into an article that suggested having 
the tables on 2 databases on 2 different servers with different 
credentials.... Interesting, but still without RI.

I think I have to answer this question: "is it acceptable to have this 
kind of master-detail structure in a database without RI?" (The example 
is about 2 tables, obviously in the real world the master will have 50+ 
detail tables)

Thanks

Moreno.
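
The trade-off discussed in the two messages above, as an added example that is not part of the thread: variant A stores the same opaque value in both tables (foreign key intact, rows joinable by anyone with database access), while variant B stores a keyed token whose key lives outside the database (no in-database join, no RI). Assumptions: SQLite stands in for PostgreSQL, HMAC-SHA256 stands in for whatever keyed transformation is chosen, and all table names, the key and the rows are constructed.

```python
import hashlib
import hmac
import sqlite3

# Constructed key standing in for the "external resource"; never stored in the database.
EXTERNAL_KEY = b"constructed-demo-key"

def token(user_id, key=EXTERNAL_KEY):
    """Deterministic keyed pseudonym (HMAC-SHA256) for a user id."""
    return hmac.new(key, str(user_id).encode(), hashlib.sha256).hexdigest()

def build_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite enforces FKs only when asked
    db.executescript("""
        -- Variant A: the same opaque value in both tables, FK enforced
        CREATE TABLE users_a (id TEXT PRIMARY KEY, name TEXT);
        CREATE TABLE meds_a (user_id TEXT REFERENCES users_a(id), drug TEXT);
        -- Variant B: plain id on the user, keyed token on the detail row, no FK
        CREATE TABLE users_b (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE meds_b (user_token TEXT, drug TEXT);
    """)
    for uid, name, drug in [(1, "patient-one", "drug-x"), (2, "patient-two", "drug-y")]:
        db.execute("INSERT INTO users_a VALUES (?, ?)", (token(uid), name))
        db.execute("INSERT INTO meds_a VALUES (?, ?)", (token(uid), drug))
        db.execute("INSERT INTO users_b VALUES (?, ?)", (uid, name))
        db.execute("INSERT INTO meds_b VALUES (?, ?)", (token(uid), drug))
    return db

def join_without_key(db, variant):
    """What someone holding only the database can link with plain SQL."""
    sql = {"a": "SELECT name, drug FROM users_a JOIN meds_a ON users_a.id = meds_a.user_id",
           "b": "SELECT name, drug FROM users_b JOIN meds_b ON users_b.id = meds_b.user_token"}
    return db.execute(sql[variant] + " ORDER BY name").fetchall()

def drugs_with_key(db, user_id, key=EXTERNAL_KEY):
    """Variant B lookup by a caller that holds the external key."""
    rows = db.execute("SELECT drug FROM meds_b WHERE user_token = ?", (token(user_id, key),))
    return [r[0] for r in rows]

def orphan_insert_ok(db, variant):
    """True if a detail row for a non-existent user is accepted (no RI)."""
    table = {"a": "meds_a", "b": "meds_b"}[variant]  # fixed names only
    try:
        db.execute(f"INSERT INTO {table} VALUES (?, ?)", (token(999), "drug-z"))
        return True
    except sqlite3.IntegrityError:
        return False
```

In variant B the database accepts orphaned detail rows, so any integrity checking has to happen in the component that holds the key.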





Aw: Re: Key encryption and relational integrity

From
"Karsten Hilbert"
Date:
> Yes, but to be GDPR compliant I _have_ to remove that link. As you
> reported in an earlier email, they say that you can't link patient and
> medication if not with an external resource. In this case we are linking
> them without an external resource....

I REALLY doubt that.

I believe you when you say "they say that ..." but I truly doubt that
GDPR intended to make data processing fully impractical.

(I work in the medical field)

Karsten



Aw: Re: Key encryption and relational integrity

From
"Karsten Hilbert"
Date:
> I believe you when you say "they say that ..." but I truly doubt that
> GDPR intended to make data processing fully impractical.
>
> (I work in the medical field)

In Germany, that is, which usually takes things to the
extreme, for better or worse.

Karsten