> Or do Hospital and Insurance enterprise systems allow them to run raw SQL on their DBs?
There's no good reason not to, since if your security and auditing systems are correctly implemented, limited-permission DB users doing direct SQL have the same security and accountability as someone using a specialized app.
There's no good reason not to, since if your security and auditing systems are correctly implemented, limited-permission DB users doing direct SQL have the same security and accountability as someone using a specialized app.