Compliance features offer several controls at the folder level:
Administrators can control the compliance features for a given folder by navigating to: (Admin) > Folder > Management
. Click the Compliance
to set new terms for this container
Require PHI Roles to Access PHI Columns
Role-based PHI handling prevents users from viewing and managing data higher than their current PHI level. Check the box to enable the PHI related roles
. When enabled, all users, including administrators, must be assigned a PHI role to access PHI columns.
You can also control the behavior of a column containing PHI when the user isn't permitted to see it. Options:
- Blank the PHI column: The column is still shown in grid views and is available for SQL queries, but will be shown empty.
- Omit the PHI column: The column will be completely unavailable to the user.
Note that if your data uses any text choice
fields, administrators and data structure editors will be able to see all values available within the field editor, making this a poor field choice for sensitive information.
You can select three levels of additional logging, beyond what is ordinarily logged by LabKey Server
- Do not add additional logging for query access
- Log only query access including PHI columns (Default)
- Log all query access
For logging details, see Compliance: Logging