I bet storing a SHA hash of each audit entry would suffice. Then
validation could
regularly choose audit entries at random, re-hash, and compare, proving
that the
values didn't mutate.
Thank you.
Proving that values didn't mutate isn't the same as preventing them from
being mutated.
Nor would hashing each entry separately prevent them from being deleted.
Deleting an entry indicating that so-and-so accessed such-and-such a record
at such-and-such a time would be a pretty serious form of tampering.
But in this context of health information requirements, does "immutable"
really mean "immutable"; that is, incapable of being changed? Or does it
only mean that changes can be detected? And if it means the latter, do we
have to have audit logs of the audit logs, and audit logs of the audit logs
of the audit logs?
I'm thinking that the plain language of the "immutable" requirement is
nonsensical, but that in practice there are techniques that the people who
created the requirement will accept as meeting it. If so, what are they?
Ken Dibble
www.stic-cil.org
_______________________________________________
Post Messages to: ProFox@leafe.com
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/5.2.1.1.1.20130110134842.01c1e...@pop-server.stny.rr.com
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.