How to securely store sensitive data (e.g. salary) in Frappe/ERPNext

Hi everyone,

I have a need in ERPNext where we need to store sensitive information — such as employee salary or confidential performance feedback — and ensure this data is protected from unauthorized access, including from database administrators (DBAs) who may have direct access to the database server. How do modern databases work with that? Did you solve it with the DOCTYPE event?

I’d like to understand the best practices and real-world approaches for handling sensitive fields securely in Frappe/ERPNext.

I’d love to hear from others who have tried to implement secure storage for sensitive data in ERPNext. Any tradeoffs you’ve encountered between security and usability?

Thanks in advance!

Hi there,

Bottom line: I don’t think there’s a good way to do this. If somebody has access to the database, they have access to the data.

The technical answer here is encryption, of course. You might be able to make something like that work for isolated fields like performance feedback text, but it’d be a mess for anything with accounting implications.

1 Like
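
The trade-off described in the reply above, as an added example that is not part of the original thread and not Frappe's own code: fields are encrypted in the application before they reach the database, so direct SQL access shows only ciphertext, but SQL aggregation over the encrypted salary column stops working. It assumes the `cryptography` package (Fernet), uses an in-memory SQLite table as a stand-in for the ERP database, and the table, column names and rows are constructed.

```python
import sqlite3
from cryptography.fernet import Fernet, InvalidToken

# Assumption: in a real deployment the key is held outside the database
# (environment, KMS, a file the DBA cannot read). Generated inline to run offline.
KEY = Fernet.generate_key()

def encrypt_field(plaintext: str, key: bytes = KEY) -> str:
    return Fernet(key).encrypt(plaintext.encode()).decode()

def decrypt_field(token: str, key: bytes = KEY) -> str:
    return Fernet(key).decrypt(token.encode()).decode()

def build_db():
    """In-memory stand-in for the ERP database, filled with constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE employee (name TEXT, feedback TEXT, salary TEXT)")
    rows = [("Alice", "Exceeds expectations", "5200"),
            ("Bob", "Needs coaching", "4100")]
    for name, feedback, salary in rows:
        db.execute("INSERT INTO employee VALUES (?, ?, ?)",
                   (name, encrypt_field(feedback), encrypt_field(salary)))
    return db

def dba_view(db):
    """What someone with direct SQL access reads: names plus ciphertext."""
    return db.execute("SELECT name, feedback, salary FROM employee ORDER BY name").fetchall()

def sql_total_salary(db):
    """SUM() over ciphertext: SQLite treats the non-numeric tokens as 0."""
    return db.execute("SELECT SUM(salary) FROM employee").fetchone()[0]

def app_total_salary(db, key: bytes = KEY):
    """The application has to fetch and decrypt every row to get a total."""
    rows = db.execute("SELECT salary FROM employee").fetchall()
    return sum(int(decrypt_field(token, key)) for (token,) in rows)

def wrong_key_rejected(db):
    """A token cannot be decrypted (or silently altered) without the right key."""
    token = db.execute("SELECT feedback FROM employee WHERE name = 'Alice'").fetchone()[0]
    try:
        decrypt_field(token, Fernet.generate_key())
    except InvalidToken:
        return True
    return False
```

The protection only holds while the key stays out of reach of whoever can read the database; anyone who can read both the key and the table can decrypt the fields.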