SQL Server – HIPAA, SOX, PCI compliance


A SQL Server database must be compliant with HIPAA, SOX and PCI as per government rules. The following are basic guidelines that a DBA should consider in any environment.

HIPAA requires an exception if you copy customer data to a dev box and do not mask the original data.

SOX wants you to lock down the database and minimize updates to production. Check your security to see whether developers can update production.
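One way to run that check, as an added example that is not part of the original post: the query below lists every database principal that can modify data, using the standard catalog views `sys.database_permissions`, `sys.database_principals` and `sys.database_role_members`. It assumes you run it inside the production database under review.

```sql
-- Added example: run in the production database being reviewed.
-- Lists principals that can change data or schema, either through an
-- explicit grant or through membership in a write-capable fixed role.

-- 1) Explicit grants of modifying permissions (object, schema or database scope)
SELECT  pr.name            AS principal_name,
        pr.type_desc       AS principal_type,
        pe.permission_name AS permission_name,
        pe.class_desc      AS scope,
        CASE pe.class
            WHEN 1 THEN OBJECT_SCHEMA_NAME(pe.major_id) + '.' + OBJECT_NAME(pe.major_id)
            WHEN 3 THEN SCHEMA_NAME(pe.major_id)
            ELSE DB_NAME()
        END                AS securable,
        'direct grant'     AS granted_via
FROM    sys.database_permissions AS pe
JOIN    sys.database_principals  AS pr
        ON pr.principal_id = pe.grantee_principal_id
WHERE   pe.state IN ('G', 'W')   -- GRANT or GRANT WITH GRANT OPTION
  AND   pe.permission_name IN ('INSERT', 'UPDATE', 'DELETE', 'ALTER', 'CONTROL')
  AND   pr.name <> 'dbo'

UNION ALL

-- 2) Membership in fixed database roles that imply write access
SELECT  m.name,
        m.type_desc,
        'role membership',
        'DATABASE',
        DB_NAME(),
        r.name
FROM    sys.database_role_members AS rm
JOIN    sys.database_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN    sys.database_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE   r.name IN ('db_owner', 'db_datawriter', 'db_ddladmin')

ORDER BY principal_name, permission_name;
```

The result does not expand nested memberships (a Windows group or user-defined role that appears here passes its rights on to its own members), does not subtract DENY entries, and does not cover server-level `sysadmin` logins, so review those separately.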

PCI auditing wants encryption for credit card transactions. If you must meet this requirement, consider Transparent Data Encryption in SQL Server 2008, and SSL for the encryption layer.

Auditing generally requires a lot of overhead.  If you must enable auditing, make sure the server you’re using has enough space for logs and enough CPU and memory to handle the auditing overhead.

EOF - SQL Server – HIPAA, SOX, PCI compliance, SQL Server 2012, 2008 R2, 2008, 2005, 2000
