Uploaded image for project: 'i2b2 Core Software'
  1. i2b2 Core Software
  2. CORE-145

Users with LDS access can view de-identified data (i.e. reports)

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 1.7.02
    • 1.7.04
    • CRC Cell
    • None
    • Timeline View
    • Roles Based Access
    • i2b2 Core
    • All databases
    • All Web Browsers
    • This can be reproduced in the i2b2 testing environment (release 1.7.02).
    • Hide
      Tested with build 1.7.04.0001 and the issue still exists.

      Tested with build 1.7.04.0002 and this issue appears to be working correctly.
      Show
      Tested with build 1.7.04.0001 and the issue still exists. Tested with build 1.7.04.0002 and this issue appears to be working correctly.

    Description

      Users with Limited data access are able to view de-identified data in the i2b2. Users with DATA_LDS should not be able to see any data that can be encrypted.

      Only those users with DATA_DEID (de-identified) access can view information that can be encrypted (i.e. text in the *_blob columns). If the data is encrypted the user will still need the decryption key to decrypt the data before viewing it.

      Attachments

        Activity

          Ascending order - Click to sort in descending order
          jmd86 Janice Donahoe created issue -
          jmd86 Janice Donahoe made changes -
          Field Original Value New Value
          Fix Version/s 1.7.04 [ 10160 ]
          Reproduction Notes This can be reproduced in the i2b2 testing environment (release 1.7.02).
          Assignee Mike Mendis [ mem61 ]
          i2b2 Sponsored Project/s i2b2 Core [ 10196 ]
          Status New [ 10000 ] Open [ 1 ]
          mem61 Mike Mendis made changes -
          Status Open [ 1 ] In Progress [ 3 ]
          mem61 Mike Mendis made changes -
          Assignee Mike Mendis [ mem61 ] Janice Donahoe [ jmd86 ]
          Status In Progress [ 3 ] Ready to Test [ 10001 ]
          jmd86 Janice Donahoe made changes -
          Status Ready to Test [ 10001 ] Testing [ 10002 ]
          jmd86 Janice Donahoe made changes -
          Testing Notes Tested with build 1.7.04.0001 and the issue still exists.
          Status Testing [ 10002 ] Testing [ 10002 ]
          jmd86 Janice Donahoe made changes -
          Assignee Janice Donahoe [ jmd86 ] Mike Mendis [ mem61 ]
          Status Testing [ 10002 ] Reopened [ 4 ]
          mem61 Mike Mendis made changes -
          Status Reopened [ 4 ] In Progress [ 3 ]
          mem61 Mike Mendis made changes -
          Assignee Mike Mendis [ mem61 ] Janice Donahoe [ jmd86 ]
          Status In Progress [ 3 ] Ready to Test [ 10001 ]
          jmd86 Janice Donahoe made changes -
          Status Ready to Test [ 10001 ] Testing [ 10002 ]
          jmd86 Janice Donahoe made changes -
          Affects View/s Timeline View [ 10053 ]
          Build Number/s (Testing) 1.7.04.0001, 1.7.04.0002
          Testing Notes Tested with build 1.7.04.0001 and the issue still exists. Tested with build 1.7.04.0001 and the issue still exists.

          Tested with build 1.7.04.0002 and this issue appears to be working correctly.
          i2b2 Feature/s Roles Based Access [ 10063 ]
          Status Testing [ 10002 ] Testing [ 10002 ]
          jmd86 Janice Donahoe made changes -
          Build Number (Fixed) 1.7.04.0002
          Resolution Fixed [ 1 ]
          Status Testing [ 10002 ] Resolved [ 5 ]
          jmd86 Janice Donahoe made changes -
          Status Resolved [ 5 ] Closed [ 6 ]

          People

            jmd86 Janice Donahoe
            jmd86 Janice Donahoe
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: