PHI Settings

[hkethi002]

PHI permission enhancements

• [ ] phi-access required property of permission
• [ ] Container get/get_all methods use phi-access or phi flag to determine if a Request is valid and whether phi fields are accessible.
• [ ] Do not log get_all when phi is not present

Custom PHI field settings

• [ ] Allow users to set phi fields for each project if they are an admin and site level defaults if they are a site admin
• [ ] Container post/put methods use phi-access or phi flag to determine if a Request is valid and whether phi fields are accessible.
  • Analysis POST requests
• [ ] Use a union of the site level and project level fields when projecting phi fields
  • get_all should only use the site level
• [ ] When post or putting a container, check that user isn't writing to any phi fields if they do not have phi-access
• [ ] Add a way for Projects to override site level phi fields

[nagem]

If a project has phi=false, phi will always be returned from all endpoints and ignore site level phi settings.

[nagem]

If tags/notes are marked as PHI,

should a non-PHI user be able to add? - Yes view? No modify? - Yes for own notes, tags cannot be modified delete? - Yes for own notes, no(?) for tags, but we'll allow for now.

[nagem]

Projects cannot override site-level PHI fields, the only way they can display fields blacklisted by site-level PHI settings is to list the project as phi=false.

[nagem]

What to do for GET /sessions when sessions will have different project PHI settings? Use site-level defaults?

[nagem]

Log with PHI settings change in access log.

[nagem]

Search whitelist of returned fields should not conflict with PHI settings (users should not be able to add any fields from search whitelist to project/site level PHI).

[hkethi002]

For projects where phi is disabled:

• should get_all on containers always return everything?
• should everything be logged if phi is disabled?