Data encryption in DHIS

Greetings , want to do encryption of data in DHIS. had done JCE and config settings but not able to see impact. Follows the instructions given on - https://docs.dhis2.org/master/en/implementer/html/install_encryption_configuration.html Can some one guide on this. Thanks in advance.

1 Like

Hi @neelesh

I am assuming that you are trying to set some attributes as “confidential”?

If you followed all instructions and things proceeded without error then it should work but the results are sometimes a little surprising. When you add new data those attributes will indeed now be stored as encrypted. But it does not encrypt your existing data you collected before marking the attribute as encrypted. This is typically the result people are looking for.

There is another problem with encrypting at the field level which is that you will not then be able to search on those fields as they are not stored in plain text in the database. Because the same fields you want to encrypt (things like names, addresses, ids, phone numbers etc) are often the same fields that you want to search on, this can lead to lack of essential functionality.

Because of problems with both of the above, I personally have not recommended people use this feature. But you still will often want (or be required to comply with) encryption at rest - ie the confidential data is never stored in plain text on the disk. I think the best way to achieve this is:
(i) work with an encrypted disk for your postgres PG_DATA. How you do that will vary a bit depending on your OS.
(ii) be extra careful with your database backups - there is no point having your database hardened and then leaving plain backup files in your home directory. Either keep the backups on encrypted disk or preferably generate encrypted backups

Cheers
Bob

1 Like