HIPAA experience

Hello,
I was hoping that some of the list members who have experience
building HIPAA-compliant (or SOX-compliant) django apps could share
some of their experiences. We are beginning to research possibly
implementing some internal apps in our department, but of course
working with patient data requires compliance with HIPAA and now
HITECH.

Specific areas of interest/problems we are interested in solving with
django and python (crypto):

- Auditing (particulary SQL select auditing on sensitive (ie. PHI)
tables) and the need to identify specific user's select (ie. cannot be
database triggered since django connects with as a single user).
- PHI storage encryption as now required under HITECH (I would assume
most solutions would require pycrypto here).

Anyone care to share their experiences?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.