Home Forums Discussions General Discussion SQL Database access

Do we own our SQL database? Should we be able to have access to the database for our own purposes- like moving it to another EMR?

If I were to hire a SQL expert, can they access the database for this purpose from my system or is it somehow protected?

In asking tech support about this, I'm being told that the whole database could be 'transferred' but it is locked and only accessible through the Amazing Charts software. Which seems quite circular and not helpful.

Prior posts by Indy, have explain how to get the information from amazing charts and doing independent SQL
All the data and then be accessed without passwords
This method, however is not a live connection
AC is offering a connection and I just signed the agreement with them today
It will be to get data to run reports

You can find the post discussing accessing the Amazing Charts database here, along with who explained how to do it.

http://amazingcharts.com/ub/ubbthreads.php/topics/59565/Re:_Looking_at_the_Amazing_Cha#Post59565

JamesNT

I sense a market here for a third-party reporting function.

Instead of each one of us contracting a 'developer', is there a way to package an add on module with flexible reporting functions? I 'd buy it. Tired of waiting and trying to suffer through the limited built-in report generator.

I would be interested in that discussion.

And, yes, Visual Studio would have everything we need.

JamesNT

Has anyone been able to get amazing charts to get SQL access as they promised
Have sent them a contract but no luck getting this completed

I am setup.

Who helped you from AC?

Russell Costa level 2 tech support, Amy Crowley.

Thanks Joel

With much persistence, I finally have this completed. Appreciate your help

After all this discussion, I thought I would throw an interesting thought out there. The moment a chart or message or addendum is saved it is saved to SQL server's databases. If you have access to the database, you then have the ability to change progress notes, messages, etc. If you do not, then any audit of your data for any purpose is known to be completely accurate.

Otherwise, even though 99.9% would not do it, the temptation is always there.

Just a thought.

Came across this post by accident. Bert, you're saying that the database could be accessed directly, thus bypassing logons,encryption, and the audit log?

While that is conceptually possible, a forensic analysis of the database and the audit log would reveal those inconsistencies.

That is in part why we recommend practices hold onto a backup from each month (the first one of the month), as this will allow a forensic analysis to disprove tampering if it is ever alleged.

No not true. Any good SQL database technician can change data so that the audit log would not reveal those inconsistencies.

While there may be encryption, I have never seen it. You can read the progress notes verbatim. They are read only, but simple to make read/write.

I thought that was the whole idea of Sunil's getting the logon info.

Not to be overly pedantic, but I am correct. Nota Bene that I said forensic analysis, which goes so much deeper that the audit log. It encompasses PK generation, child row sequencing, non-key referential validation, cross-instance comparisons, etc.

We have never got involved in the criminal side, but over the years we have been brought in to do analysis, found wrong-doing or tampered data that was turned over to Corporate legal and HR.

As with most efforts to deceive, the original act[entry] is dwarfed by the ensuing attempt to cover-up.

My intention of getting the access is to run reports and not for any other purpose

Sunil,

Then you should be fine. As long as no command you execute begins with the following words:

UPDATE
INSERT
DELETE

You'll be just fine as long as those words are not used.

JamesNT