
Rich Hickey on Datomic: Datalog, Databases, Persistent Data Structures - jestinepaul
http://www.infoq.com/interviews/hickey-datomic
======
nickik
I work in a hospital and alot of the things he talks about would be quite
cool.

Immutability: we have one big as table with tons of stuff in it (this is not
the db design you learned in school) and and even bigger table of all the
changes made. The way this is handeld in datomic would be optimal.

Querys: Query all the data based on a time stamp would be really useful.
Querys where I could combine the DB data with some other data I got from other
applications/databases, heap or somewhere else.

~~~
amalag
Would you be able to use a database hosted on EC2?

~~~
liuhenry
It's possible, but the most obvious obstacle is HIPAA compliancy.

Check out AWS's whitepaper [1] and some discussion [2].

[1][http://d36cz9buwru1tt.cloudfront.net/AWS_HIPAA_Whitepaper_Fi...](http://d36cz9buwru1tt.cloudfront.net/AWS_HIPAA_Whitepaper_Final.pdf)
[2][http://healthcareit.stackexchange.com/questions/812/can-
phi-...](http://healthcareit.stackexchange.com/questions/812/can-phi-be-hipaa-
compliant-on-a-cloud)

~~~
siavosh
I never understood Amazon's stance. Their whitepaper and case studies just
says medical companies have built applications on our cloud. What they fail to
mention is whether they were only able to do so by anonymizing the data prior
to upload which means in fact there isn't any PHI on their clould.

They seem to circumvent these disclosures for the obvious reasons of liability
and the fact that today you really need a signed Business Associate (BA)
agreement with any 3rd party company that may host PHI. Hospital compliance
officers would have a heart attack if they hear 'clould' and no BA offered.

The whole AWS medical position feels very hand wavy--yet another reasons this
whole medical industry has such a hard time innovating.

~~~
tednaleid
I worked for a company that had a large amount of HIPAA data on Amazon's EC2
platform. We did significant encryption (including field-level encryption) on
the data to help mitigate security concerns.

We were able to pass security inspections by 4 fortune 500 health companies
with this model (though a couple of them needed significant hand-holding).

It made querying that data a pain in the ass because you couldn't do a SELECT
... WHERE <encrypted field> = 'foo' as the data wasn't encrypted client side.

One cool thing about datomic is that the query engine runs client side, so it
can also invoke client side methods as part of the query. This means that if
you had encrypted data in your store, that it could be trivially decrypted
client-side and you could potentially get the full expressiveness of the
language to work with your data.

~~~
siavosh
Thanks for the info. Just curious were the encryption keys stored on EC2 as
well? Dataomic client/peer model is definitely interesting.

~~~
tednaleid
They were, but not on the same nodes as the data was on. They were in a
different AWS security zone with different ssh keys/access privileges.

------
olifante
Interesting, but not up to the usually stellar level of Rich Hickey's own
presentations.

~~~
guns
I believe Rich Hickey discussed Datomic in his Clojure/west keynote:

<http://clojurewest.org/sessions/>

I'm looking forward to the release of the conference videos.

------
198d
For some reason, I really like this simple idea of "persistent, durable data
structures".

