Data Blinding and Masking

Oracle LSH and Oracle DMW provide data blinding functionality. To see blinded data, a user must have the following privileges:

• Normal access to the table: belonging to a user group that has access to the table, with a role in the context of that user group that allows Read privileges on the data.

• An application role that allows access to blinded data across all studies and tables.

In Oracle LSH, blinding is at the table level only. Blinded tables are partitioned, with the real data in one partition and dummy data in the other. Only users with special privileges can view any real data in the table at all.

In Oracle DMW you can mark data as blinded at the table, column, row, or cell level and specify masking values for the sensitive data. Only users with special privileges can view any real data, but all users with normal Read privileges and user group access to the table can see the real, nonblinded data and the masking values for the sensitive data.

In both products, each time a user with special privileges requests to view real, blinded data, the system audits the event.

When data is blinded, it is hidden in the Oracle LSH and Oracle DMW user interfaces and databases, discrepancy records, and in export or job outputs unless a user with the required blinding application role and normal access to the table(s) explicitly requests to view the real data.

If your study contains Personal/Protected Health Information (PHI), Oracle recommends that you blind all PHI.