|
On 07/26/2011 10:20 AM, Karsten Hilbert wrote: [KSB4] <...snip...> [KSB4] This is done with standard user and group membership and access permissions at the file system level. If you have a server with clinical data from two clinics whose patients are different (and so patient data from one clinic should be protected from users at the other), but both clinics share a common drug file, you would partition the logical database so that each clinic's patient data maps to one file and drug data maps to the common drug file. For Clinic P create a group clinicp and all employees of Clinic P have clinicp as their default group. The database files for Clinic P have clinicp group membership and are read/write for processes that are members of clinicp group. Similarly set up the database and users for Clinic Q. Now, they cannot access each other's patient data. The shared drug database file, can have world access for access by both clinics. Alternatively, make the drug database file not world accessible but owned by a group called allclinics and accessible to allclinics processes. Add users of both Clinic P and Clinic Q to the allclinics group. Similarly if you have a specialist who sees patients at both clinics, make his/her userid a member of both groups. If I have misunderstood the question, please give me an example, and we can work through it. Regards -- Bhaskar -- GT.M - Rock solid. Lightning fast. Secure. No compromises.
_____________
The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _____________ |