How can I isolate sensitive information from a publicly accessible database?
I am working for a medical private practice, and we are planning to install an appointment booking system via our webpage.
The appointment system is a PHP application storing its records in an SQL database that can be on the webserver itself or on a remote server.
Due to the use case, the database will contain very sensitive personal information* that must be kept secret from the public.
Hardening access to the database is one point, but I guess that an important entry hole to the data would be the PHP application itself.
Is there a recommended way to isolate the sensitive data from public access? I could imagine a system such as the following:
*public* -> access via PHP app on publicly accessible server -> *SQL database with masked sensitive entries* *private SQL database with full entries* *employees*
In that way, even if the PHP application exposed data to the public, the sensitive data would be protected. Also, gaining access to the publicly available SQL database itself would be less critical.
Mapping between the two databases would be through a unique hash-code for each of the entries. Effectively, this is just a pseudonymization and not an anonymization. But still, it is an additional layer of security.
I just don't know whether there is a ready-made way for such an implementation. Basically, any change in the *SQL database with masked sensitive entries* should trigger a sync with a subsequent masking (since customer entries made from *public* need to be masked).
Is there a better implementation? I would be very pleased for any suggestion.
---
\* Patients would enter sensitive data in the public database, and we need this data to do our job (we need names, contact, and some medical information). But as soon as this data is entered, it should be transferred to the private database and be made unavailable in the public database.
But still, I don't want to fuss with the PHP application, which is pre-made. Masking the data in the public database (e.g., with *s) would make the PHP application just work as usual.
Asked by Gunnar
(3 rep)
Jan 4, 2025, 10:11 AM
Last activity: Jan 6, 2025, 12:33 PM
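The sync-then-mask step described in the question, sketched as an added example that is not part of the original post or of any booking product. The table and column names are assumptions, two in-memory SQLite databases stand in for the public and private servers, and a random token is used as the mapping key in place of a hash so that it cannot be derived from the record.

```python
import secrets
import sqlite3

MASK = "***"  # placeholder left behind in the public database

def make_dbs():
    """Create in-memory stand-ins for the public and private databases."""
    public = sqlite3.connect(":memory:")
    private = sqlite3.connect(":memory:")
    # Hypothetical schema: the pre-made PHP app is assumed to write 'booking'.
    public.execute("CREATE TABLE booking (id INTEGER PRIMARY KEY, slot TEXT, "
                   "name TEXT, contact TEXT, medical_note TEXT, token TEXT)")
    private.execute("CREATE TABLE patient (token TEXT PRIMARY KEY, slot TEXT, "
                    "name TEXT, contact TEXT, medical_note TEXT)")
    return public, private

def sync_and_mask(public, private):
    """Copy every not-yet-masked booking to the private DB, then mask it."""
    rows = public.execute(
        "SELECT id, slot, name, contact, medical_note FROM booking "
        "WHERE token IS NULL").fetchall()
    for row_id, slot, *fields in rows:
        token = secrets.token_hex(16)  # random: reveals nothing about the record
        # Commit the full record privately first and mask second, so a crash
        # between the two steps can duplicate a record but never lose one.
        with private:
            private.execute("INSERT INTO patient VALUES (?, ?, ?, ?, ?)",
                            (token, slot, *fields))
        with public:
            public.execute(
                "UPDATE booking SET name=?, contact=?, medical_note=?, token=? "
                "WHERE id=?", (MASK, MASK, MASK, token, row_id))
    return len(rows)

if __name__ == "__main__":
    pub, priv = make_dbs()
    # Constructed sample booking, as the public form might store it.
    pub.execute("INSERT INTO booking (slot, name, contact, medical_note) "
                "VALUES (?, ?, ?, ?)",
                ("2025-01-10 09:00", "Jane Doe", "jane@example.org", "constructed"))
    print(sync_and_mask(pub, priv), "record(s) moved")
    print(pub.execute("SELECT slot, name, contact, token FROM booking").fetchall())
```

Until the job runs, the full record still sits in the public database, so the interval between runs is the exposure window. In a real deployment the job would run on the private side and pull from the public database, so the public server never holds credentials for the private one.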