locked
Is SQL Server CFAR part 11 compliant? RRS feed

  • Question

  • Is anyone familiar with the CFAR part 11 compliance requirements (IRB standards for the protection of medical health records information used in scientific study protocols) and if the security features of SQL Server meet those standards?  I'm pretty sure they do, but just want to know if there is any documentation anywhere that expressly states that it does?
    Wednesday, July 15, 2009 5:22 PM

All replies

  • I'm not sure if there is an explicit document, but yes SQL Server 2008 has all of the security tools necessary.  On top of appropriately encrypting data, you are also going to need to implement transparent data encryption so that the data at rest (on disk in the data files as well as backups) is encrypted.
    Mike Hotek BlowFrog Software, Inc. http://www.BlowFrogSoftware.com Affordable database tools for SQL Server professionals
    Thursday, July 16, 2009 3:19 AM
  • Does SQL Server 2005 also have all of these security tools?
    Thursday, July 16, 2009 7:16 PM
  • No.  The most significant one is transparent data encryption.  That feature is only available in SQL Server 2008
    Mike Hotek BlowFrog Software, Inc. http://www.BlowFrogSoftware.com Affordable database tools for SQL Server professionals
    Friday, July 17, 2009 5:20 AM