• FEATURES
  • PRICING
  • MARKETPLACE
  • CASE STUDIES
  • BLOG
  • Defining PHI for Queries in OS v2.0

    As I understand it, the ability to customize roles in terms of seeing PHI basically involves the ability to see elements of the Patient object. However, we could have PHI in fields of Dynamic Extension forms. Will it be possible to identify those fields as PHI and prevent anyone with a non-PHI role from returning those fields in queries?

    As an extension to Bob’s post, is it possible to track whether PHI has been exported from query results generated in OpenSpecimen? As is stands in OS v1.1, users and admins receive an email when query data has been exported. Would it be possible to receive an alert when the exported query data contains PHI? Is there a way to restrict users from generating reports that contain PHI?

    Hello Bob,

    1. The custom form designer allows users to specify whether a field is normal field or PHI field. There’s a checkbox labeled PHI. If ticked, it means PHI field

    2. If user does not have PHI access, then query engine uses above information to mask all PHI field values

    In nutshell, to answer your question, it is possible and this feature is available since OpenSpecimen v1.0

    Thanks