TOPAZ and Data Security – Access Control

For a system like Elements, ensuring that valid users only have access to the appropriate screens and data is a very important aspect of data security. People with access to someone else’s protocol or staff account (aka grant) would represent a considerable risk of deliberate or accidental meddling!

“I’m sure Joe down the hall would love to buy me these animals as a birthday present!”

Elements provides tools to ensure that this risk is managed. We think of access control in Elements as having two “axes”—the horizontal axis providing role-based access control to screens and menu items, while the vertical access provides protocol-based access to protocol and animal data. The intersection of these axes controls what a given user can do to which set of data.

Role-Based Access

Role-based access is controlled in the Administration module. Customers can create their own roles and assign access right to them. A given user can then be associated with one or multiple roles. Typical roles include PI, IACUC Member, IRB Manager, Vet Tech, etc.

For an Administrator at a large facility, this can represent an ongoing workload if staff turnover is significant. The users have to be associated to their roles even if some kind of authentication automation is being used. There are ways to automate all or part of this admin burden via web service integration. If you need help, contact us!

Protocol-Based Access

The protocol-based access control (which internally in our local TOPAZ dialect we refer to as “row security”) is all based on the protocol. Essentially, users who are not some type of admin with “access all” superpower can only access data related to protocols where they are some kind of associate. I can only order animals against “my” protocols, can only see the cage population for “my” protocols, and can only review animal health issues on “my” animals.

You May Also Like…

Clarifying the Reporting Requirements

Clarifying the Reporting Requirements

It's Important to stay aware The National Institutes of Health (NIH) Office of Laboratory Animal Welfare (OLAW) released its “Request for Information (RFI) on Clarifying the Reporting Requirements for Departures from the Guide for the Care and Use of Laboratory...

How does Health Check Work?

How does Health Check Work?

In our last blog post, we detailed the importance of conducting regular Health Checks. This week, we will take a look at the different ways that a Health Check can be done, as well as other factors that should be considered when evaluating your processes.   What is a...

The Importance of Regular Software Health Checks

The Importance of Regular Software Health Checks

Purchasing laboratory management software may seem like the obvious fix for an institution’s productivity. Robust software that streamlines processes and improves workflow are highly valued and touted as a must-have for any organization with an animal research...