fajri/BE_IBL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d04d8add35493a4378f404e2a538bfea4dfcfe71
BE_IBL/sql/manual_changes/2026-05-31-pdp-encrypt-columns.sql
sas.fajri de7444d5d5 FHM31052601IBL - drop _enc hasil lab: nilai klinis bukan PII, trigger butuh plaintext 
t_orderdetail, t_orderheader, so_resultentry*, member_eligible tidak dienkripsi.
Perlindungan via enkripsi identitas pasien (m_patient) + access control.
Hanya t_orderdelivery (email/HP delivery) yang tetap dienkripsi.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-31 15:49:37 +07:00

80 lines
4.6 KiB
SQL
Raw Blame History

-- UU PDP: tambah kolom enkripsi PII pasien dan data medis hasil lab
-- Kolom lama TIDAK dihapus (backward compat selama masa transisi)
-- Enkripsi: AES-256-GCM, key dari .env
-- ============================================================
-- one_lab.m_patient: PII pasien (trigram bidx untuk search)
-- ============================================================
ALTER TABLE one_lab.m_patient
ADD COLUMN M_PatientName_enc TEXT NULL AFTER M_PatientName,
ADD COLUMN M_PatientName_bidx MEDIUMTEXT NULL AFTER M_PatientName_enc,
ADD COLUMN M_PatientHP_enc TEXT NULL AFTER M_PatientHP,
ADD COLUMN M_PatientHP_bidx MEDIUMTEXT NULL AFTER M_PatientHP_enc,
ADD COLUMN M_PatientDOB_enc TEXT NULL AFTER M_PatientDOB,
ADD COLUMN M_PatientDOB_bidx MEDIUMTEXT NULL AFTER M_PatientDOB_enc,
ADD COLUMN M_PatientEmail_enc TEXT NULL AFTER M_PatientEmail,
ADD COLUMN M_PatientPhone_enc TEXT NULL AFTER M_PatientPhone,
ADD COLUMN M_PatientPOB_enc TEXT NULL AFTER M_PatientPOB,
ADD COLUMN M_PatientIDNumber_enc TEXT NULL AFTER M_PatientIDNumber,
ADD COLUMN M_PatientNIK_enc TEXT NULL AFTER M_PatientNIK,
ADD COLUMN M_PatientNIP_enc TEXT NULL AFTER M_PatientNIP;
-- ============================================================
-- one_lab.m_patientaddress: alamat pasien
-- ============================================================
ALTER TABLE one_lab.m_patientaddress
ADD COLUMN M_PatientAddressDescription_enc TEXT NULL AFTER M_PatientAddressDescription,
ADD COLUMN M_PatientAddressDescription_bidx MEDIUMTEXT NULL AFTER M_PatientAddressDescription_enc,
ADD COLUMN M_PatientAddressEmail_enc TEXT NULL AFTER M_PatientAddressEmail,
ADD COLUMN M_PatientAddressPhone_enc TEXT NULL AFTER M_PatientAddressPhone;
-- ============================================================
-- one_lab.t_orderdelivery: tujuan pengiriman hasil (email/HP)
-- ============================================================
ALTER TABLE one_lab.t_orderdelivery
ADD COLUMN T_OrderDeliveryDestination_enc TEXT NULL AFTER T_OrderDeliveryDestination;
-- ============================================================
-- KEPUTUSAN: Hasil lab TIDAK dienkripsi di kolom _enc
-- Alasan: nilai lab ("34", "NORMAL") bukan PII tanpa identitas pasien.
-- Plaintext dibutuhkan trigger t_orderdetail_bu untuk flag H/L/N.
-- Perlindungan via: enkripsi identitas pasien (m_patient) + access control.
-- Tabel yang TIDAK punya _enc:
-- t_orderdetail, t_orderheader, so_resultentry*, member_eligible
-- ============================================================
-- ============================================================
-- one_lab.mcu_resume_results: TIDAK dienkripsi
-- JSON berisi nilai hasil lab (angka + flag) tanpa nama/NIK/DOB/alamat.
-- Identitas pasien hanya via T_OrderHeaderID (integer).
-- Enkripsi di sini membuat global MCU report berat (decrypt ribuan row di PHP).
-- Data di source (t_orderdetail) sudah dienkripsi.
-- ============================================================
-- ============================================================
-- one_lab_log.log_patient: audit log perubahan data pasien
-- Fix charset ke utf8mb4 (default latin1 tidak support JSON UTF-8 dari trigger)
-- ============================================================
ALTER TABLE one_lab_log.log_patient
ADD COLUMN Log_PatientJsonBefore_enc MEDIUMTEXT NULL AFTER Log_PatientJsonBefore,
ADD COLUMN Log_PatientJsonAfter_enc MEDIUMTEXT NULL AFTER Log_PatientJsonAfter;
ALTER TABLE one_lab_log.log_patient
MODIFY Log_PatientJsonBefore MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci,
MODIFY Log_PatientJsonAfter MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci,
MODIFY Log_PatientJsonBefore_enc MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci,
MODIFY Log_PatientJsonAfter_enc MEDIUMTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
-- ============================================================
-- one_lab_log.log_fo: audit log order FO
-- ============================================================
ALTER TABLE one_lab_log.log_fo
ADD COLUMN Log_FoJson_enc MEDIUMTEXT NULL AFTER Log_FoJson;
-- ============================================================
-- one_lab_log.log_resultentry: audit log hasil lab
-- ============================================================
ALTER TABLE one_lab_log.log_resultentry
ADD COLUMN Log_ResultEntryJSONBefore_enc MEDIUMTEXT NULL AFTER Log_ResultEntryJSONBefore,
ADD COLUMN Log_ResultEntryJSONAfter_enc MEDIUMTEXT NULL AFTER Log_ResultEntryJSONAfter;
Reference in New Issue View Git Blame Copy Permalink