Biologics: Protect Sequence Fields

 2024-04-18

Premium Feature — Available with LabKey Biologics LIMS. Learn more or contact LabKey.

Protein Sequences and Nucleotide Sequences can be hidden from Biologics users who do not require access to that intellectual property information, while retaining access to other data. This is implemented using the mechanism LabKey uses to protect PHI (protected health information). Sequence fields are marked as "Restricted PHI" by default.

When an administrator configures protection of these fields, all users, including admins themselves, must be explicitly granted "Restricted PHI" access to see the Sequences.

Other fields that contain PHI (protected health information) or IP (intellectual property) can also be marked at the appropriate level, and hidden from users without sufficient permission.

Restrict Visibility of Nucleotide and Protein Sequences

An administrator can enable Protected Data Settings within the Biologics application. Once enabled, a user (even an administrator) must have the "Restricted PHI Reader" role in the folder to view the protein sequences and nucleotide sequences themselves.

  • In the Biologics application, select > Application Settings.
  • Scroll down to Protected Data Settings, then check the box to Require 'Restricted PHI' permission to view nucleotide and protein sequences.
    • If you don't see this box, you do not have sufficient permissions to make this change.

PHI/IP Protection Levels and Permissions

There are four available 'levels' of protection, detailed in this topic: Protecting PHI Data

  • Not PHI
  • Limited PHI
  • Full PHI
  • Restricted PHI: the highest level of information to be protected. Sequences are protected at this level.
User permissions to see these levels are assigned in the LabKey Server interface:
  • Use the menu to select LabKey Server and your Biologics project.
  • Select > Folder > Permissions.
  • Assign the Restricted PHI Reader role to any user who should be able to read Sequences.
    • Note that this role is required to see Sequences, even for users with admin access to the Biologics application.
    • Learn more about setting permissions here: Configure Permissions
  • Save and Finish when permissions settings are complete.

Omit or Blank Protected Data

You can choose whether to show an empty column (the default) or omit the column entirely.

  • Select > LabKey Server > Your Biologics Folder.
  • Select > Folder > Management.
  • Click the Compliance tab.
  • Confirm that Require PHI roles to access PHI columns is checked.
  • Use the radio button to select either:
    • Blank the PHI column. (Default) The column is still shown in grid views and is available for SQL queries, but it will be empty.
    • Omit the PHI column. The column is completely unavailable to the user.

Learn more in this topic: Compliance: Configure PHI Data Handling

Conditional Viewing of Sequences

Once configured as described above, any user without 'Restricted PHI' permission will see that there is a Sequence column, but the heading will be shaded and no sequences shown. Hovering reveals the message "PHI protected data removed"

Users with the 'Restricted PHI' permission role will see the contents of this column.

Mark Other Fields as Protected

Other fields in Registry Source Types and Sample Types may also be protected using the PHI mechanism, when enabled. A user with lower than "Restricted PHI Reader" access will not see protected data. In the LabKey Server interface, they will see a banner to this effect.

The mechanism of setting and user experience is slightly different for Registry Source Types and Samples.

Note that PHI level restrictions apply to administrators as well. When Sequence protection is enabled, if the administrator is not also assigned the "Restricted PHI Reader" role, they will not be able to set PHI levels on other fields after this setting is enabled.

Protect Registry Source Type Fields

When a field in an entity Registry Source Type other than the Sequence fields is set to a higher level of PHI than the user is authorized to access, it will be hidden in the same way as the Sequence fields.

To mark fields in Registry Source Type, such as registry entities including nucleotide and protein sequences, use the LabKey Server interface to edit these "Data Classes".

  • Use the menu to select LabKey Server and your Biologics project.
  • Click the name of the Data Class to edit, such as "NucSequence"
  • Click Edit.
  • In the Fields section, click to expand the desired field.
  • Click Advanced Settings.
  • Use the PHI Level dropdown to select the desired level.
  • Click Apply.
  • Click Save.
  • Return to the Biologics application.

Protect Sample Fields

When a field in a Sample Type is protected at a higher level of PHI than the user can access, they will not see the empty column as they would for an entity field. To mark fields in Sample Types as PHI/IP, use the Biologics interface.

  • Click the name of your Sample Type on the main menu.
  • Select Manage > Edit Sample Type Design.
  • In the Fields section, click to expand the desired field.
  • Click Advanced Settings.
  • Use the PHI Level dropdown to select the desired level.
  • Click Apply.
  • Click Save.

Related Topics