Oracle Tips by Burleson
Web Stalkers
Chapter 1 - The Illusion of Anonymity
Web Site Responsibility for Data Privacy
In a typical website, data access occurs at many levels:
- at the end user presentation layer;
- at the middle tier;
- at the application server layer;
- at the web server layer;
- at the standalone application screens; and finally,
- at the database level directly.
Dealing with confidential data on the web
Responsible websites that hold confidential medical or financial
information are required by law to have strict auditing systems and
to be able to provide a report on anyone and everyone who has viewed
specific data.
Many federal laws, such as the Health Insurance Portability and
Accountability Act of 1996 (HIPAA), the Sarbanes-Oxley Act (SOX) and
the Gramm-Leach-Bliley Act (GLBA), changed the way that databases are
secured and audited. Some of these federal regulations impose severe
criminal penalties for non-compliance and malfeasance with protected
data.
For example, HIPAA provides that an intentional leak of
information calls for a fine of up to $250,000 per incident and may
result in the imprisonment of the executive in charge for a period
of up to 10 years. The severity of the penalty and the personal
assignment of responsibility are enough to make the executives of many
organizations take this law and the issue of privacy and information
protection very seriously. Non-compliance with these regulations can
also expose companies to multi-million-dollar civil lawsuits from
customers if their private information has been improperly
disclosed.