Administrators can mark columns in many types of data structure as either Restricted PHI, Full PHI, Limited PHI, or Not PHI. Learn more in the topic:
Simply marking fields with a particular PHI level does not restrict access to these fields. To restrict access, administrators must also define how the server handles PHI data with respect to PHI Role assignment and Terms of Use selection. To define PHI data handling, see
Compliance: Configure PHI Data Handling.
Note that this system allows administrators to control which fields contain PHI data and how those fields are handled without actually viewing the data in the PHI fields. Access to viewing PHI data is controlled separately and not provided to administrators unless granted explicitly.
Example PHI Levels
The following table provides example PHI-level assignments for fields. These are not recommendations or best practices for PHI assignments.
PHI Level | Example Data Fields |
---|
Restricted PHI | HIV status Social Security Number Credit Card Number |
Full PHI | Address Telephone Number Clinical Billing Info |
Limited PHI | ZIP Code Partial Dates |
Not PHI | Heart Rate Lymphocyte Count |
Annotate Fields with PHI Level
To mark the PHI level of individual columns, use the
Field Editor as shown here:
Assay data does not support using PHI levels to restrict access to specific fields. Control of access to assay data should be accomplished by using folder permissions and only selectively copying non-PHI data to studies.
For Developers: Use XML Metadata
As an alternative to the graphical user interface, you can assign a PHI level to a column in the schema definition XML file. See an example in this topic:
Related Topics