| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Alex John <alex(dot)john(at)holmusk(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: PostgresSQL and HIPAA compliance |
| Date: | 2016-06-17 18:03:44 |
| Message-ID: | 57643B80.2070804@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 06/17/2016 03:03 AM, Alex John wrote:
> Hello, I have a few questions regarding the use of PostgreSQL and HIPAA
> compliance. I work for a company that plans on storing protected health
> information (PHI) on our servers. We have looked at various solutions for doing
> so, and RDS is a prime candidate except for the fact that they have explicitly
> stated that the Postgres engine is *not* HIPAA compliant.
>
Correct but that isn't a Postgres problem, it is an RDS one.
> Users on the IRC channel generally say that the guidelines are more catered
> towards building better firewalls and a sane access policy, but I would like to
> know if there is anything within the implementation of Postgres itself that
> violates said compliance.
No.
>
> If anyone works at a similar company and utilizes postgresql to store PHI,
> please let me know.
>
We do (see sig) for multiple companies and it is fully compliant.
Your issue isn't PostgreSQL.
JD
--
Command Prompt, Inc. http://the.postgres.company/
+1-503-667-4564
PostgreSQL Centered full stack support, consulting and development.
Everyone appreciates your honesty, until you are honest with them.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Durgamahesh Manne | 2016-06-17 18:07:35 | Re: Re: regarding schema only migration from sqlserver to postgres with runmtk.sh |
| Previous Message | James Keener | 2016-06-17 17:59:24 | Re: PostgresSQL and HIPAA compliance |