>Jose,
>
>The problem here is not so much limiting access to the data for authorized users as it is prohibiting access outside the application. FoxPro tables are easily read by other application (e.g. Excel) and that is what we are trying to prevent. A suggestion was given to me this morning about separating sensitive data out of the main Patient table and linking to it. So I would have a PatientName table, a PatientSSN table and a PatientDemographics table and none of the sensitive data is connected to anything but a key. Might be my best option if I can't encrypt this data. Thanks for the ideas.
>
>Criss
I really like this idea! I don't know if you are using the DBC. But if you don't it's something you might consider. You could limit the users to only see the data from outside (although the VFP ODBC driver is not so common), but totally forbid them to change sensitive information. Suppose goApp is your application object and Validate() a method of it. For some field in your database, the validation rule could be !EMPTY(
) AND goApp.Validate().
Just a few more ideas...
José