I will be needing some encryption in order to be HIPAA compliant and would like to use Cipher if possible.

I'd like some suggestions on how best to use it. I have a table of patients and when they visited and who they saw, and I may be able to get away with only encrypting the patient name field, rather than the whole table as I would expect with Cryptor.

Ultimately, the key has to be hard-coded or stored in a table somewhere doesn't it? And doesn't it have to stay the same for each field throughout the whole time the app is used? Or, did you cycle the encryption key and REPLACE ALL with a decrypt/re-crypt from time to time?

All suggestions welcome!