How security works

Studies, clinical data models, transformations, and validation checks are all objects. Users are allowed to perform an operation on an object when they:

• Belong to a user group that is assigned to the object either explicitly or by inheritance. For information on inheritance, see Object ownership.

• Are assigned to a role within that user group that allows the operation on the object.

• Have an application role that allows access to the required part of the user interface.

• To either view blinded data or to unblind data, both an object privilege and an application role are required.