Rails’ encrypts directive is great until you need full-text search across those columns. You can’t query what the database can’t see — that’s the whole point.

I wrote up how I built a searchable index over encrypted compliance records using PostgreSQL tsvectors, per-organization opt-in, and instant purge. Covers the architecture, the trade-offs, weighted search with fuzzy fallback, and what I’d actually tell a SOC 2 auditor about it.

https://maciej.litwiniuk.net/posts/2026-02-25-searchability-for-encrypted-records/