Free Oracle Tips   HTML Text AOL

Free Oracle App Server Tips   HTML Text

Oracle support

Oracle training

Oracle tuning

Rednecks!

Remote Oracle

Custom Oracle Training

Oracle Tips by Burleson

Chapter 3 Introducti

them in a register, or by using an automated entry system using keypad access, or by a security camera recording all personnel entering and leaving the room, or perhaps a combination of all of these.

In Oracle, recording object accesses is known as object auditing. For example, if the user accesses the table named claims, the fact is recorded in the audit trail, along with several other useful pieces of information, like the timestamp of access, IP address of the user's machine, the exact privileges used to access the table, the nature of the access (did the user delete some data, insert some records, update some fields, or simply select some rows), and many others. From this audit trail, a detailed track of the user's activity can be reconstructed. It is different from user auditing, where the fact that the user simply accessed the database is recorded, not the objects he or she accessed.

HIPAA regulations require that object access auditing be enabled and monitored. However, common sense shows that the auditing is not going to be useful for all of the objects, only a few key tables must be audited for unauthorized access. The definition of key tables depends on the data they contain and whether or not the data is sensitive. For instance, the table containing the Protected Health Information (PHI) data such as claims, member, billing information, etc., may be specifically audited.