  1. Overloading a Native PHP Function to Encrypt Data for HIPAA Compliance
    <h1>Background Information:</h1> <p>I'm part of a team of developers that runs a web application that stores and retrieves HIPAA (medical) data. Recently, the HIPAA guidelines were updated to include a policy that requires that all identifying client information be encrypted when it is "at rest" (stored in the database and not being accessed).</p> <h1>The Initial Problem</h1> <p>The first problem we had to tackle was determining the best way to two-way encrypt the data in a manner that makes the data secure in the event of a breach.</p> <h1>The Initial Solution</h1> <p>The quickest solution we came up with was to use <a href="http://us.php.net/mcrypt" rel="nofollow noreferrer">mcrypt</a> to encrypt the data <em>before</em> we inserted it into the database.</p> <h1>The New Problem</h1> <p>The application we're developing is quite old (as web applications go) and uses a lot of procedural programming as well as heavy reliance on the <a href="http://us.php.net/mysql_query" rel="nofollow noreferrer">mysql_query</a> function to insert, update, retrieve, and delete data. We do not have the time or luxury of translating our code to a database abstraction layer. So, the only way to implement this encryption/decryption system is to manually edit all of the CRUD queries to use data that's been encrypted via <a href="http://us.php.net/mcrypt" rel="nofollow noreferrer">mcrypt</a>. This is very inefficient and extremely error-prone.</p> <h1>Our Proposed Solution</h1> <p>We decided that the fastest and most effective way to solve our problem is to overwrite the native <a href="http://us.php.net/mysql_query" rel="nofollow noreferrer">mysql_query</a> function with one of our own devising. In our new function, we would encrypt/decrypt the data values before sending the query to the server/returning the resultset.</p>
    <h1>Where You Folks Come In</h1> <ol> <li>Is this the best solution to solving our initial problem?</li> <li>How do you go about overwriting an existing, core PHP function?</li> </ol>