Hey zamronypj,
Does your bank give you account number using hash value. I don't think so.
The ID field in a database
SHOULD differ from the visible account number.
The ID field in a database
SHOULD differ from your visible National Medical Patient ID number, and have an incorporated checksum, hopefully.
The ID field in a database
SHOULD differ from you National Card ID number, and have some kind of incorporated checksum like in Portugal.
The visible part
SHOULD be detached from the hidden part and that's what I'm referring to.
And getting back to the Swiss cheese model, that means that if you don't transpire an association between a database ID and the visible part, it's gonna be harder to get at the data.
No, it's not 100% secure. But what, in the IT world, is?
Again, getting back to the cheesiness, it's all about layer upon layer with the wholes not aligning!
Cheers,
Gus