HIPAA Patient Data and Nextcloud


We are a HIPAA Hosting Specialist company that is about to start allowing people to use Nextcloud on our servers. We just need to know how to secure it properly. My question is if any sensitive data is stored in the db directly? I know where the files are and how to move them out of the webroot and secure them that way. Just need to know about db.


Chris Sandberg
VM Racks

You didn’t post in any category, so your post was hidden.

The database only stores metadata, there is a file-index (file name, files size, hash, …), information about the sharing, … but not the data itself. If you use apps, they store information in the database (calendar, contacts, …).