Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security of information

Status
Not open for further replies.

fdgsogc

Vendor
Feb 26, 2004
160
CA
I am building a website that will include patient names and appointment times on the database. The application will only supply information to the specific patient.

What actions/procedures can I take to ensure the security of this data. That it will not be intercepted during transmission. That hackers will not be able to access the database etc. These are very general questions I know. I have some idea how I want to handle this. I would like your opinion on the good practices that are currently in use.

Thanks for your time.
 
This isn't really a HTML issue. Mayeb something like forum83 would be more appropiate for general questions. Anything more specific, should go to that forum (i.e. php,asp.net,sql server etc).


-------------------------------------------------------

Mark,
[URL unfurl="true"]http://aspnetlibrary.com[/url]
[URL unfurl="true"]http://mdssolutions.co.uk[/url] - Delivering professional ASP.NET solutions
[URL unfurl="true"]http://weblogs.asp.net/marksmith[/url]
 
I agree with Mark.

Also you might want to research, Secure Server [red]https[/red] or http with SSL. Secure Socket Layer.





----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.
 

Your mention of 'patient' suggests that the application may have medical connections. Check out with your attorney/legal adviser before storing or processing any medical data, particularly if you are considering accessing it on the internet. Many jurisdictions have very tight controls on the use and storage of medical data, and heavy penalties for non-compliance.

___________________________________________________________
If you want the best response to a question, please check out FAQ222-2244 first.
'If we're supposed to work in Hex, why have we only got A fingers?'
Drive a Steam Roller
Steam Engine Prints
 
to back up johnwm, OSHA is one such agency that has specific requirements for transmission of personal medical records. For that reason, the company I work for chose not to work with patient databases. The laws just change too quickly and the liability is a lot to handle. I definitely don't recommend it for a novice.
 
I will not be transmitting patient records.

The only thing I am considering transmitting is patient name and appointment date. I may consider only transmitting the first name.

I will review the sites you have all mentioned.

Thanks.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top