|
|
COMPLIANCE
Implement FileMaker Pro Database Change History
Discover a range of audit logging techniques to help you meet compliance mandates, while also making data backup and recovery easier.
UNLOCKED -- This article is provided to subscribers of FILEMAKER ADVISOR or COMPLIANCE SOLUTIONS ADVISOR or LAW TECH ADVISOR or DATABASED ADVISOR or FILEMAKER ADVISOR. To subscribe or renew, go to Advisor Store.
PAGE 1 of 1 - 2 - 3 - 4 - 5 - » Next
It's time to start watching your database a little more carefully. Why? Well, if you work in a corporate environment, or track any kind of human educational, medical, or financial data, chances are good you're mandated to do so. But, believe it or not, those aren't the only reasons to track what's happening to the data in your databases. Providing detailed usage analysis and heightened security are among other compelling reasons to track user database modification activities. In addition, those who track changes also get the big bonus of easier data backup and recovery.
In this article, I discuss several levels of tracking but only as they relate to logging mandates, starting with the very simple and ending with a granular level of tracking. In each case, I briefly discuss techniques you can use to accomplish the logging. This article isn't intended as a blueprint for implementing logging, but rather as a sketch of the general approach.
Compliance mandates
But first, what are the regulatory mandates themselves that govern audit logging? Following is an excerpt from a recent white paper by Steven Blackwell, a data security and protection expert in the FileMaker developer community:
"As a result of Sarbanes-Oxley, or of the HIPAA regulations covering various personally identifiable medical and healthcare information, or of Gramm-Leach-Bliley Act requirements for financial institutions, or of Payment Card Industry requirements for credit card processing, or of Buckley Act requirements for management of student data, many organizations have adopted extensive security policies governing specific steps that must be taken to assure confidentiality, integrity, and availability of digital assets. Additionally many companies or organizations not covered by various regulatory frameworks have also adopted, as a matter of Best Practices, similar requirements. In the not-for-profit sector this often includes the business leagues of regulated industries (501c6), educational, literary or scientific professional organizations (501c3), and foundations (501c9) supported by various businesses or industries."
You can download the complete white paper from: http://worldsync.com/fmDataGuard/RealTime.pdf
So, assuming your database fits into the wide range of information systems covered by government regulations, or you see the independent merit of tracking changes for one of the benefits discussed in Steven's quote, let's take a look at some various levels of change tracking and the methodology behind each.
Simple tracking
Perhaps the simplest form of tracking, and one every table in every database should have, is accomplished by adding four fields (table 1).
By adding these four fields, you can determine a number of things about activities that take place in your databases, such as limited usage analysis. The process of adding them (if you don't have them already) is simple. In fact, if you have FileMaker Pro Advanced, you can create them in one table, then copy and paste them into other tables.
Although simple to implement, this approach is limited in its ability to provide real activity tracking. First of all, it only tracks the last change, and only captures the date, time, and user name. This limited information falls well short of meeting any regulatory requirements and provides little in the way of backup or recovery.
| Table 1: Simple tracking fields -- Field definitions for simple audit tracking approach. |
| Field Name | Field Type | Auto-Entry Options |
| CreationTimestamp | Timestamp | Auto-Enter Creation Timestamp |
| Creator | Text | Auto-Enter Creator Name |
| ModificationTimeStamp | Timestamp | Auto-Enter Modification Timestamp |
| Modifier | Text | Auto-Enter Modifier |
PAGE 1 of 1 - 2 - 3 - 4 - 5 - » Next
 Jason Erickson is CEO of WorldSync, Inc., and chief architect and engineer of SyncDeK. Jason built the first version of SyncDeK in 1999 for FileMaker 4.1, using a combination of FileMaker Pro scripting and five different third-party plug-ins. SyncDeK 7 is a Java-based, background, distributed data sharing network, providing secure data replication, data transmission, file manipulation, and version management for FileMaker Pro and FileMaker Server 9, 8, 7, and 6. Also from WorldSync, fmDataGuard provides audit technology to meet regulatory compliance, logs all data changes, and allows for instant data rollback for quick recovery from a crash or corruption.
Keyword Tags: Compliance, FileMaker, FileMaker Development, FileMaker FileMaker Pro
ADVISORAMA For NASA, space is still a high priority. -- Al Gore, American vice president |
ARTICLE INFO
Web Edition: 2008 Week 04, Doc #19342Print Edition: February/March 2008, Page 9
 ARTICLE LOCKED
|
FileMaker Advisor Sponsors |
Read the advanced guide to creating custom business database solutions with FileMaker software. Subscribe now to gain access to all the archives and downloads.![]()
Learn the fundamentals of using FileMaker Pro software. Every issue gives you step-by-step instructions on creating the databases you need. Subscribe now!![]() ![]()
![]()
See exactly how to do it, step-by-step, in Advisor Academy CDs created by the top experts. Click to see what you can learn right now.![]()
Keep up! Hot News, How-To, Tips & Tricks, Expert Advice, and more. Click to request your's free.![]() ![]()
What direction are you going with your business? Advisor Guides are packed with the answers you need to work smarter. Can you afford to fall behind?![]()
Submit your tips, techniques and advice and let Advisor promote your business and build your career. Show the world what you know!![]() ![]()
|
|