Server (Cells) Design
Space shortcuts
Space Tools
Skip to end of metadata
Go to start of metadata

The CRC determines when and how data is presented to a user based on their user role, which is specified in the Project Management (PM) cell. The following table summarizes the user roles and their access permissions in the hierarchical order of least to most access.

Data Protection Track Role

Access Description

Example

DATA_OBFSC

OBFSC = Obfuscated

The user can see aggregated results that are obfuscated.
An example of an aggregated result is patient count.
The user is limited on the number of times they can run the same query within a specified time period. If the user exceeds the maximum number of times then their account will be locked and only the Admin user can unlock it.

<query_result_instance>
<result_instance_id>0</result_instance_id>
<query_instance_id>0</query_instance_id>
<query_result_type>
<name>PATIENTSET</name>
</query_result_type>
<set_size>101</set_size>
<obfuscate_method>OBSUBTOTAL</obfuscate_method>
<start_date>2000-12 30T00:00:00</start_date>
</query_result_instance>

DATA_AGG

AGG = Aggregated

The user can see aggregated results like the patient count.
The results are not obfuscated and the user is not limited to the number of times they can run the same query.

<query_result_instance>
<result_instance_id>0</result_instance_id>
<query_instance_id>0</query_instance_id>
<query_result_type>
<name>PATIENTSET</name>
</query_result_type>
<set_size>101</set_size>
<obfuscate_method />
<start_date>2000-12 30T00:00:00</start_date>
</query_result_instance>

DATA_LDS

LDS = Limited Data Set

The user can see all fields except for those that are encrypted.
An example of an encrypted field is the blob columns in the fact and dimension tables.

PDO request:
<observation_set blob="false" onlykeys="false"/>

DATA_DEID

DEID = De-identified Data

The user can see all fields including those that are encrypted.
An example of an encrypted field is the blob columns in the fact and dimension tables.

PDO request:
<observation_set blob="true" onlykeys="false"/>

DATA_PROT

PROT = Protected Data

The user can see all data, including the identified data that resides in the Identity Management Cell.

 


  • No labels