Encryptable Laravel Package

Product Decisions This Supports

• Compliance & Security Roadmap: Enables encryption of sensitive PII (Personally Identifiable Information), PHI (Protected Health Information), or payment data at rest, aligning with GDPR, HIPAA, or PCI-DSS requirements without custom development.
• Build vs. Buy: Avoids reinventing encryption logic for Eloquent models, reducing technical debt and accelerating time-to-compliance.
• Data Privacy Features: Supports feature requests for "sensitive field" handling in user profiles, payment gateways, or healthcare applications where encryption is mandatory.
• Legacy System Modernization: Provides a lightweight way to retroactively secure existing Laravel applications without full database migrations or schema changes.
• Multi-Tenant Isolation: Useful for SaaS products needing tenant-specific encryption keys or role-based data encryption (e.g., admin vs. user access to sensitive fields).

When to Consider This Package

• Adopt when:

  • Your Laravel app stores sensitive data requiring encryption at rest (e.g., passwords, tokens, medical records, or financial details).
  • You need transparent encryption/decryption without manual encrypt()/decrypt() calls in business logic.
  • Your team lacks cryptography expertise but needs a batteries-included solution with Laravel’s built-in encryption.
  • You’re using Eloquent models and want to avoid application-layer encryption logic (e.g., in controllers or services).
  • Compliance audits demand automated encryption for specific fields (e.g., "credit card numbers" or "SSNs").

• Look elsewhere if:

  • You need field-level granularity (e.g., encrypt only parts of a string) or custom encryption algorithms (this uses Laravel’s default encrypt).
  • Your data volume is extremely high, and performance overhead of per-field encryption is unacceptable (benchmark first).
  • You require key management beyond Laravel’s default (e.g., AWS KMS, HashiCorp Vault) — this package uses APP_KEY.
  • You’re using Laravel 9+ (last release was 2020; check for forks or alternatives like spatie/laravel-encryption).
  • You need searchability on encrypted fields (this package doesn’t support indexed searches on encrypted data).

How to Pitch It (Stakeholders)

For Executives: "This package lets us encrypt sensitive customer data automatically—like credit cards, medical records, or passwords—without writing custom code. It’s a turnkey solution to meet GDPR/HIPAA compliance, reduces audit risks, and integrates seamlessly with our existing Laravel apps. The tradeoff? Minimal performance impact (only for marked fields) and no upfront dev effort. For ~$0 cost, we eliminate a major compliance gap."

For Engineering: *"Need to encrypt Eloquent model fields without boilerplate? This trait handles it:

• Zero manual encryption: Mark fields in $encryptable, and the package handles the rest.
• Leverages Laravel’s encryption: Uses APP_KEY (already in .env), so no new dependencies.
• Backward-compatible: No database changes; just add the trait to your models. Caveats: Last updated in 2020 (test in staging), and no support for advanced key management. For new projects, consider spatie/laravel-encryption as an alternative."*