greetings again everyone, App Engine is currently not HIPAA- nor SAS 70-compliant, so highly sensitive data (HIPAA/PHI data, SSNs, CC numbers, etc.) should not be stored on App Engine. it is not a good match for that type of data at this point in time unless, as the previous poster pointed out, that you've done some bulletproof encryption of that data. unfortunately, i cannot currently comment on any timeline to get any sort of data privacy certification.
with that said however, Google is still a very responsible company that works very hard on security at all levels. i can also refer you to a whitepaper from a few years ago which highlights our efforts in this regard. although written for customers of Google Apps, many of the same policies apply to App Engine as well, and i'm sure you'll be able to figure out which ones those are. here's the link to that whitepaper: http://www.google.com/a/help/intl/en/admins/pdf/ds_gsa_apps_whitepaper_0207.pdf bottom-line: do not put unencrypted private data into App Engine at this time. best regards, -- wesley - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "Core Python Programming", Prentice Hall, (c)2007,2001 "Python Fundamentals", Prentice Hall, (c)2009 http://corepython.com wesley.j.chun :: wesc+...@google.com developer relations :: google app engine -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appeng...@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
