Microsoft has recently released Microsoft SQL Server 2008. As with the most releases of Microsoft software, it has made major improvements with features, scalability, and security. The three big features in this release that will impact the healthcare industry are the advanced data auditing, change data capture, and transparent data encryption features. These new features make major strides to helping healthcare organizations meet HIPAA and other regulatory requirements.
The SQL Server 2008 enhanced auditing feature improves compliance and security by allowing you to audit data activity. Data auditing allows you to monitor the data that is read, inserted, updated, and deleted without making any additional code changes to your system. The auditing process lets you define – down to the table level – what you would like to audit. Being able to be granular with auditing prevents you from having to store excess data, and you will save time later when you need to report the data. Additional information can be found at: Understanding SQL Server Audit.
Another key feature in the auditing process is the change data capture feature. Change data capture allows you to define the columns of the tables you want to use to log changes. These changes are then stored in a separate table that is created automatically for you by SQL Server. For data that has been inserted, updated, or deleted, you can actually get the full details of the state the data was in before and after a data operation. This allows you to be able to recreate the state of the data from any time in the past. Additional information can be found at: Change Data Capture.
The other key feature that has an impact on the healthcare industry is the transparent data encryption (TDE) feature. TDE allows you to encrypt an entire database without changing any portion of your application – you encrypt the databases data and log files on the file system. File is encrypted automatically when it is written to disk and decrypted automatically when it is read into memory. This provides a good level of protection; however, it is still important to encrypt sensitive data at the cell level in the database from within your application or the encryption features that were released with SQL Server 2005. Additional information can be found at: Understanding Transparent Data Encryption.
These major advancements with SQL Server shows how dedicated Microsoft is to helping you protect your data. As a database developer, I’m excited about this release of SQL Server.