SQLTeam.com | Weblogs | Forums

GDPR compliance

I have a 2008 database / classic asp portal. It has a column for name, email, and username.

According to the GDPR and upcoming CCPA privacy regulations, some or all of these fields may need to be encrypted.

There are hundreds of thousands of lines of code that refer to these un-encrypted columns.

Does MS SQL have a method to encrypt a column and have any code running with Windows authentication see the data without having to rewrite the stored procs and/or server-side scripting?

I hope so anyway.

Sam

do you have a dev/qa instance you can test this end to end?

I was just reading up some stuff about this. check this out

This also is a nice video

As @yosiasz suggested, TDE is your best option if you need the data at rest to be encrypted. TDE is available only in SQL Server Enterprise edition.

If you need the data to be encrypted in transit - i.e., as it travels from the client side to the database and back, you will need to modify your code. SQL Server has an Always Encrypted feature, which I am not very familiar with, but may be useful if your requirements call for encryption in transit as well.