Documentation -> flowlog account admin -> Autonomous Account Encryption -> What gets encrypted?

Members should be advised that when you use Autonomous Account Encryption not everything in the database gets encrypted. flowlog can't encrypt items in the database that it needs to read while searching for records in the database. So, for example, if flowlog needs to find all entry items that belong to $entry with ID 7, the entry items' "parent_id" property can't be encrypted or flowlog can't read it to do it's search. This is a technical reality that is unavoidable. flowlog also doesn't bother encrypting things which are not valuable from a data miner's perspective, as this just wastes cpu resources, which slows the site down.

This shouldn't be a problem for members' privacy though, as all the juicy data is still encrypted. For instance, if an attacker got a copy of the database they could see that an entry item belonged to an entry and that the entry belonged to an account, but they can't read the name of the account, the account's code, the notes/descriptions for the accounts or entry items, nor the dollar amounts for the entry or the individual entry items. It's just a connection between anonymized data. Please see the list below to see what gets encrypted and what doesn't so you can understand how it effects your privacy.

Encrypted: name, code, notes
Not Encrypted: IDs, dates, booleans and opening balance.

Encrypted: name, accounting method, sales tax rate.
Not Encrypted: IDs, dates, booleans, payment processor abbreviation and merchant id.

Encrypted: none
Not Encrypted: IDs, dates, booleans, name and help info.

Encrypted: Everything except below.
Not Encrypted: IDs, primary email (email is temporary due to bug/issue).

Encrypted: invoice number, tax rate, instructions, amounts, payment status info
Not Encrypted: IDs, dates, booleans.

Encrypted: Description, quantity, price, amounts.
Not Encrypted: IDs.

Warning: If you enable customer notification for any invoice, a decrypted version of the invoice and invoice items will be created in the database. This is done because, when notification is enabled, a page is created for the customer to view and pay their invoice, and without your user session and AAE key, there is no way to decrypt the normal encrypted invoice data. Access to this invoice viewing page will be denied after 30 days, but the decrypted invoice data could still be in the database, depending on various factors and current implementation. If you don't want this decrypted copy in the database, don't enable notification for the invoice, and decrypted records will never be created.

Encrypted: debit total, credit total
Not Encrypted: IDs, dates, and booleans.

Encrypted: amount, description, expected sale price, accumulated depreciation.
Not Encrypted: IDs, dates, booleans and whether it was a debit or credit.

Encrypted: none
Not Encrypted: IDs, dates, booleans, code, name and help info.

Encrypted: nothing.
Not Encrypted: IDs, booleans, frequency (days, weeks, months).

Encrypted: nothing
Not Encrypted: IDs, booleans frequency (days, weeks, months).

Encrypted: first name, middle name, and last name.
Not Encrypted: IDs, dates, booleans, username, email (req'd for pass reset feature) and icon image filename.

Encrypted: Everything except below.
Not Encrypted: IDs.

Encrypted: bill number, tax rate, instructions, amounts.
Not Encrypted: IDs, dates, booleans.

Encrypted: Description, quantity, price, amounts.
Not Encrypted: IDs.