SQL Resources for Compliance
Author: Denny Lee
Reviewers: Prem Mehra, Kevin Cox
With the terabytes of data that are being stored today - truly representing the data explosion that we've always talked about - it's becoming more and more difficult to provide an audit trail or utilize tools that can ensure that your SQL environment is compliant. To help resolve this problem, we've introduced some guidance in the form of our SQL Server Reaching Compliance Guide. We have built up more resources and case studies so you can reference them to help you build a compliant SQL Server environment. These resources include:
- SQL Server Reaching Compliance: Whitepaper
- SQL Server Reaching Compliance: Sample Scripts, Presentations, and Tools
- SQL Server Compliance Site
- Enterprise Policy Based Management Framework
- Instructions for using SQL Server 2008 in FIPS 140-2-compliant mode
And recently added is SQL Server helping with HIPAA compliance in action:
As a teaching hospital of Harvard Medical School, and the largest member of the CareGroup Healthcare System, Beth Israel Deaconess Medical Center needs an IT infrastructure with auditing capabilities to help it remain in compliance with regulations including those of the Health Insurance Portability and Accountability Act (HIPAA). The organization has more than 2 terabytes of information, including data warehouses, clinical applications, and other solutions hosted using Microsoft® SQL Server® database software. BIDMC is upgrading to Microsoft SQL Server 2008 Enterprise to take advantage of advanced auditing and transparent data encryption features in the latest version of SQL Server to help it meet HIPAA and other regulatory requirements. As early adopters, CareGroup IT professionals helped Microsoft create the new SQL Server 2008 Compliance Software Development Kit.
As well, for all of your interested in evidence that SQL Server can be used for PCI compliance as per the Payment Credit Industry Data Security Standards (PCI DSS), check out: