Posted by DA Morgan on 12/08/07 23:37
--CELKO-- wrote:
>>> you are jumping to conclusions without knowing anything about the problem. What if there are no legal issues at all? <<
>
> 1) I live in the United States where we have one lawyer for every 400
> citizens. Look up the figures for Japan to get an idea how bad this
> is. So, there is always a legal issue :) And if there isn't one
> now, there will next week.
>
> 2) Putting audit data in the same table is like putting the LOG file
> on the same hard drive as the DB. You guarantee that recovery will be
> impossible. An audit trail should require at least two "signatures"
> to change an audit entry; this schema allows one user to do that if he
> has access to the timestamps. This is simply good programming, even
> without the lawyers.

Joe is absolutely correct. In the US, at least, there are always
legal issues. Anyone that pretends they are not around the corner
needs a heavy dose of reality.

An audit trail, by definition, must be unalterable by anyone with
access to the hardware or software. And in many countries that isn't
just who altered the data ... but who saw it as it is, for example,
under HIPAA.

--
Daniel A. Morgan
University of Washington
damorgan@x.washington.edu (replace x with u to respond)
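
Added example, not part of the original post or of the schema under discussion: a sketch of the separation argued for above, with audit rows in their own append-only table instead of timestamp columns on the data table. The table, column and trigger names are hypothetical, and SQLite (via Python) stands in for whatever DBMS the thread concerns.

```python
import sqlite3

# Hypothetical schema, constructed for this example. Triggers only stop ordinary
# DML; anyone with DDL rights can drop them, so duties must also be separated.
SCHEMA = """
CREATE TABLE accounts (acct_id INTEGER PRIMARY KEY, balance INTEGER NOT NULL);
-- Audit rows live in their own table, not as timestamp columns on accounts.
CREATE TABLE accounts_audit (
    audit_id INTEGER PRIMARY KEY AUTOINCREMENT,
    acct_id INTEGER NOT NULL,
    old_balance INTEGER, new_balance INTEGER,
    changed_at TEXT NOT NULL DEFAULT CURRENT_TIMESTAMP
);
CREATE TRIGGER accounts_log AFTER UPDATE ON accounts
BEGIN
    INSERT INTO accounts_audit (acct_id, old_balance, new_balance)
    VALUES (OLD.acct_id, OLD.balance, NEW.balance);
END;
-- Append-only: DML can add audit rows but never rewrite or remove them.
CREATE TRIGGER audit_no_update BEFORE UPDATE ON accounts_audit
BEGIN SELECT RAISE(ABORT, 'audit rows are append-only'); END;
CREATE TRIGGER audit_no_delete BEFORE DELETE ON accounts_audit
BEGIN SELECT RAISE(ABORT, 'audit rows are append-only'); END;
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO accounts VALUES (1, 100)")  # constructed sample row
    db.commit()
    return db

def try_dml(db, sql):
    """Run one statement; return True if applied, False if a trigger blocked it."""
    try:
        db.execute(sql)
        db.commit()
        return True
    except sqlite3.DatabaseError:
        db.rollback()
        return False

def audit_rows(db):
    sql = "SELECT acct_id, old_balance, new_balance FROM accounts_audit ORDER BY audit_id"
    return db.execute(sql).fetchall()

if __name__ == "__main__":
    db = build_db()
    print(try_dml(db, "UPDATE accounts SET balance = 250 WHERE acct_id = 1"))
    print(try_dml(db, "DELETE FROM accounts_audit"), audit_rows(db))
```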