Best way to secure healthcare data in DB

It kind of depends whether the security is more important than the performance cost - for healthcare info I'd be thinking 'yes - absolutely'?

Yes, security is beyond everything...

We found this package : [https://github.com/jenssegers/optimus] which obfucate ids integers into others ( and you get the same result for the same input)

I find these kind of obfuscations very weak because once you find the pattern for one input, you find it for every input... But we can't generate randomized crypted strings, otherwise even SQL cant get the joined tables....

I'm out of solution here :(

I think you can keep the auto incremented id for joining the tables and use random hashed string for the urls, like a slug.

IDs to display aren't the topic, but do you have any arguments to keep the AI in joining tables ?

Thanks for the answers anyway !

What attack model are you trying to guard against? Is it just grabbing the db itself or that they get into your servers and can see the code/filesystem? It might be useful (cross) posting on somewhere like http://security.stackexchange.com/ about this?

I'm out of my depth here - but if your pivot/intermediate tables are using the hash of the patient/doctor/whatever "real" id's, then if someone grabs just the db it'd be fairly hard to figure out specifics? If the attacker gets to see your code - maybe an isolated micro-style service on a very locked down server than has the sole responsibility of returning a hash? But as I say - I'm out of my depth :-)

The grab DB itself thing. We are assuming the guys did get the DB entirely and wants to guess what sickness/illness a patient has (by deducting whose doctor specialists a patient sees).

Its a very specific exemple but It's to get the global idea.

I think you'd be better going to one of the security focused forums/mailing lists for this - it's not something you'd want to get wrong ;-) My db encryption code (luckily for me!) doesn't have to deal with anything terribly confidential so I've never had to research the possible vectors and solutions in any depth.

Ok, I'll try that !

Thanks for taking your time !

We are assuming the guys did get the DB entirely and wants to guess what sickness/illness a patient has (by deducting whose doctor specialists a patient sees).

So in this case you have to encrypt everything. No idea but there must be solutions for this. Or why not just encrypt the doctor specialist description ?

@pmall is right. If you encrypt everything in your database expect relation id it would be secure.

@Charkhan A similar question was asked a few months ago in which I offered a solution to encrypt the model data (so not the relations). Post for reference: https://laracasts.com/discuss/channels/laravel/encrypting-model-data/replies/85227

Thanks guys for the proposals.

I did a copy here : http://security.stackexchange.com/questions/104470/best-way-to-secure-healthcare-data-in-db

They certainly sound more like they know what they're talking about than me - yay :-)

Use file encryption for your db files. Ssl certain for each connection. Secure accounts so get data uses a account that only can retrieve data, accounts for insert etc. ensure file permissions are strict as possible. Lock down the server access. Even ssh should be from allowed ips only.

As mentioned each level of security presents issues namely errors and performance. Luckily most security features can be pinned point to specific files and/or areas.

Another thing is logs, log everything.

Also you may need to look into upgrading your data base from MySQL community to enterprise or look into Oricle the security tools are much more robust but it costs money. In this case probably well worth the extra security.

@jekinney Thanks for the tip. We're using AWS so settings extra security layer (like firewall) is fairly easy to do.

An API is used through HTTPS, only frontend server is allowed to communicate with API and only API can communicate with DB layer...

Only needed ports are opened to minimize risks.

RDS instance (DB instance) is fully hardware encrypted.

What can I be missing ? :)

I would do that using Java EE technologies. EJB, servlets, and jsp. Some folks use spring.

@Charkhan , Hi, i know this is not a question related to your db security, but it is a healthcare related i did all the research but i'm still confused. •on how to know if you're eligible for medicaid, chip, medicare. etc. •i want to get the plans depends on my input.

what steps do i need to take to make a healthcare web broker. i followed the steps but i'm still confused. i hope you could help me, at least give me the links or websites you have used. or preferences.

my client didn't give any resources to read, so i did all my best to know how to do it. but still couldnt get it. and i'm from Philippines so the resources i get is very limited, i can't access some of the US gov. healthcare websites

Hey @charkhan

Due to spam this thread came up. Do you understand sharing what strategy did you use and why?

Thanks!

How about using multiple databases spread across multiple DCs using ssh auth with public/private keys?