t_orderdetail, t_orderheader, so_resultentry*, member_eligible tidak dienkripsi. Perlindungan via enkripsi identitas pasien (m_patient) + access control. Hanya t_orderdelivery (email/HP delivery) yang tetap dienkripsi. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
-- UU PDP: tambah kolom enkripsi PII pasien dan data medis hasil lab
-- Kolom lama TIDAK dihapus (backward compat selama masa transisi)
-- Enkripsi: AES-256-GCM, key dari .env
-- ============================================================
-- one_lab.m_patient: patient PII.
--   *_enc  : nullable column added right after its plaintext
--            counterpart (file header: AES-256-GCM, key from .env).
--   *_bidx : trigram search index for the name, mobile number (HP)
--            and date of birth (presumably a blind index - confirm).
--
-- NOTE(review): the file header says the old plaintext columns are
--   kept during the transition. Until they are cleared, the *_enc
--   columns add no protection at rest - track the follow-up
--   migration that empties or drops the plaintext columns.
-- NOTE(review): a trigram index exposes substring-match and
--   frequency patterns to anyone who can read the table, and DOB /
--   phone numbers have a small value space. Confirm the index
--   tokens are keyed with a secret separate from the encryption
--   key; that logic is not visible in this file.
-- ============================================================
ALTER TABLE one_lab.m_patient
    ADD COLUMN M_PatientName_enc      TEXT       NULL AFTER M_PatientName,
    ADD COLUMN M_PatientName_bidx     MEDIUMTEXT NULL AFTER M_PatientName_enc,
    ADD COLUMN M_PatientHP_enc        TEXT       NULL AFTER M_PatientHP,
    ADD COLUMN M_PatientHP_bidx       MEDIUMTEXT NULL AFTER M_PatientHP_enc,
    ADD COLUMN M_PatientDOB_enc       TEXT       NULL AFTER M_PatientDOB,
    ADD COLUMN M_PatientDOB_bidx      MEDIUMTEXT NULL AFTER M_PatientDOB_enc,
    -- The remaining fields get ciphertext only (no search index).
    ADD COLUMN M_PatientEmail_enc     TEXT       NULL AFTER M_PatientEmail,
    ADD COLUMN M_PatientPhone_enc     TEXT       NULL AFTER M_PatientPhone,
    ADD COLUMN M_PatientPOB_enc       TEXT       NULL AFTER M_PatientPOB,
    ADD COLUMN M_PatientIDNumber_enc  TEXT       NULL AFTER M_PatientIDNumber,
    ADD COLUMN M_PatientNIK_enc       TEXT       NULL AFTER M_PatientNIK,
    ADD COLUMN M_PatientNIP_enc       TEXT       NULL AFTER M_PatientNIP;
-- ============================================================
-- one_lab.m_patientaddress: patient address.
--   The address description gets ciphertext plus a *_bidx search
--   index; address e-mail and phone get ciphertext only.
--
-- NOTE(review): the plaintext source columns are not touched by
--   this statement, so they still hold the address in clear until
--   a later migration clears them.
-- ============================================================
ALTER TABLE one_lab.m_patientaddress
    ADD COLUMN M_PatientAddressDescription_enc   TEXT       NULL AFTER M_PatientAddressDescription,
    ADD COLUMN M_PatientAddressDescription_bidx  MEDIUMTEXT NULL AFTER M_PatientAddressDescription_enc,
    ADD COLUMN M_PatientAddressEmail_enc         TEXT       NULL AFTER M_PatientAddressEmail,
    ADD COLUMN M_PatientAddressPhone_enc         TEXT       NULL AFTER M_PatientAddressPhone;
-- ============================================================
-- one_lab.t_orderdelivery: destination a result is delivered to
-- (e-mail address or mobile number).
--   Ciphertext column only; no *_bidx column is added, so this
--   statement provides no search index for the destination.
-- ============================================================
ALTER TABLE one_lab.t_orderdelivery
    ADD COLUMN T_OrderDeliveryDestination_enc TEXT NULL
        AFTER T_OrderDeliveryDestination;
-- ============================================================
-- KEPUTUSAN: Hasil lab TIDAK dienkripsi di kolom _enc
-- Alasan: nilai lab ("34", "NORMAL") bukan PII tanpa identitas pasien.
-- Plaintext dibutuhkan trigger t_orderdetail_bu untuk flag H/L/N.
-- Perlindungan via: enkripsi identitas pasien (m_patient) + access control.
-- Catatan: perlindungan ini baru efektif setelah kolom plaintext lama di
-- m_patient (yang masih dipertahankan selama masa transisi) dikosongkan.
-- Tabel yang TIDAK punya _enc:
-- t_orderdetail, t_orderheader, so_resultentry*, member_eligible
-- ============================================================
-- ============================================================
-- one_lab.mcu_resume_results: TIDAK dienkripsi
-- JSON berisi nilai hasil lab (angka + flag) tanpa nama/NIK/DOB/alamat.
-- Identitas pasien hanya via T_OrderHeaderID (integer).
-- Enkripsi di sini membuat global MCU report berat (decrypt ribuan row di PHP).
-- Data di source (t_orderdetail) sudah dienkripsi.
-- CATATAN(review): baris di atas bertentangan dengan keputusan di file ini
-- bahwa t_orderdetail TIDAK punya kolom _enc; perlu dikonfirmasi dan
-- diperbarui agar alasan keputusan ini tidak menyesatkan.
-- ============================================================
-- ============================================================
-- one_lab_log.log_patient: audit log of patient-data changes.
--   Step 1 adds ciphertext columns for the before/after JSON
--          snapshots.
--   Step 2 switches all four JSON columns to utf8mb4; per the
--          original note, the latin1 default cannot hold the
--          UTF-8 JSON written by the trigger.
--
-- NOTE(review): the plaintext before/after snapshots stay in place
--   next to the *_enc columns, so the audit log still carries the
--   patient data in clear until those columns are cleared.
-- ============================================================

-- Step 1: ciphertext columns, each placed after its plaintext twin.
ALTER TABLE one_lab_log.log_patient
    ADD COLUMN Log_PatientJsonBefore_enc  MEDIUMTEXT NULL AFTER Log_PatientJsonBefore,
    ADD COLUMN Log_PatientJsonAfter_enc   MEDIUMTEXT NULL AFTER Log_PatientJsonAfter;

-- Step 2: charset / collation fix.
-- NOTE(review): MODIFY restates the whole column definition. Any
--   attribute of the existing columns that is not repeated here
--   (NOT NULL, DEFAULT, COMMENT) is reset, and a wider original
--   type would be narrowed to MEDIUMTEXT - confirm against the
--   current table definition before running.
ALTER TABLE one_lab_log.log_patient
    MODIFY Log_PatientJsonBefore      MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci,
    MODIFY Log_PatientJsonAfter       MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci,
    MODIFY Log_PatientJsonBefore_enc  MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci,
    MODIFY Log_PatientJsonAfter_enc   MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
-- ============================================================
-- one_lab_log.log_fo: audit log of FO orders.
--   Adds one nullable ciphertext column for the logged JSON,
--   placed directly after the plaintext Log_FoJson column.
--
-- NOTE(review): unlike log_patient, no charset change is applied
--   to this table here - confirm whether its JSON columns need
--   the same utf8mb4 fix.
-- ============================================================
ALTER TABLE one_lab_log.log_fo
    ADD COLUMN Log_FoJson_enc MEDIUMTEXT NULL
        AFTER Log_FoJson;
-- ============================================================
-- one_lab_log.log_resultentry: audit log of lab results.
--   Adds nullable ciphertext columns for the before/after JSON
--   snapshots, each placed after its plaintext counterpart.
--
-- NOTE(review): the plaintext snapshot columns are left as they
--   are by this statement; plan their clean-up together with the
--   other transition columns.
-- ============================================================
ALTER TABLE one_lab_log.log_resultentry
    ADD COLUMN Log_ResultEntryJSONBefore_enc  MEDIUMTEXT NULL AFTER Log_ResultEntryJSONBefore,
    ADD COLUMN Log_ResultEntryJSONAfter_enc   MEDIUMTEXT NULL AFTER Log_ResultEntryJSONAfter;