database security when working with vendor

  • We are working with a vendor for some quotes of upgrades.

    Since there are more users and business items in our database, the vendor needs a copy of our database to evaluate to see the price we should pay.

    In a case like this, or if the vendor wants a copy of our database to troubleshoot, we don't want the vendor to see some of our sensitive data. How can we mask the data or encrypt data if we give a copy of our database?

    Thanks

  • You would have to restore a backup as another database and remove/encrypt sensitive data.

    Normally though, this would be handled in the BAA with specified non-disclosures defined in the contract.  The vendor would agree to safeguard the sensitive information and not utilize that information for any purposes other than specifically outlined in the contract.

    In fact - before sharing a copy of a database you definitely need that contract in place.  You have a responsibility for PII/PHI/IP and need to make sure the vendor will be liable for any breaches or violations.

    If possible, I would not send a copy of the database - rather, have the vendor spell out the information they need and provide that information from queries that you control and can mask.

    Jeffrey Williams
    “We are all faced with a series of great opportunities brilliantly disguised as impossible situations.”

    ― Charles R. Swindoll

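One way to carry out the restore-and-scrub approach from the reply above, as an added T-SQL example that is not part of the original thread. The database, table, column and logical file names and the paths (SalesDB, SalesDB_Vendor, dbo.Customers, D:\...) are hypothetical placeholders, and the script assumes the sensitive columns are nullable where it sets NULL.

```sql
-- Added example; every object name and path below is a hypothetical placeholder.

-- 1. Restore the latest full backup under a new name on a non-production instance.
RESTORE DATABASE SalesDB_Vendor
FROM DISK = N'D:\Backup\SalesDB_full.bak'
WITH MOVE N'SalesDB'     TO N'D:\Scrub\SalesDB_Vendor.mdf',
     MOVE N'SalesDB_log' TO N'D:\Scrub\SalesDB_Vendor_log.ldf',
     RECOVERY;
GO

-- The scrubbed copy needs no point-in-time recovery, so keep its log small.
ALTER DATABASE SalesDB_Vendor SET RECOVERY SIMPLE;
GO

USE SalesDB_Vendor;
GO

-- 2. Overwrite sensitive columns with synthetic values derived from the key,
--    so row counts, keys and joins stay usable for sizing or troubleshooting.
UPDATE dbo.Customers
SET FirstName = N'First' + CAST(CustomerID AS nvarchar(12)),
    LastName  = N'Last'  + CAST(CustomerID AS nvarchar(12)),
    Email     = CONCAT(N'user', CustomerID, N'@example.invalid'),
    Phone     = N'555-0100',
    SSN       = NULL,
    Notes     = NULL;
GO

-- 3. Check the result before anything leaves the building; expect 0.
SELECT COUNT(*) AS unmasked_rows
FROM dbo.Customers
WHERE Email NOT LIKE N'user%@example.invalid'
   OR SSN IS NOT NULL
   OR Notes IS NOT NULL;
GO

-- 4. Rewrite the rows onto fresh pages and checkpoint so the log can truncate
--    under SIMPLE recovery, then back up only the scrubbed copy for the vendor.
ALTER INDEX ALL ON dbo.Customers REBUILD;
CHECKPOINT;
GO

BACKUP DATABASE SalesDB_Vendor
TO DISK = N'D:\Scrub\SalesDB_Vendor_scrubbed.bak'
WITH INIT, COPY_ONLY;
GO
```

Repeat the UPDATE and the check for every table that holds sensitive columns. Dynamic Data Masking is not a substitute for this, because it masks at query time and leaves the stored values unchanged for whoever restores the copy as an administrator.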
