9 Data Privacy

The Argus application provides various methodologies to protect data between different sites, user groups, and users. This chapter discusses personally identifiable information (PII) and the methods to protect it.

9.1 Personally Identifiable Information

PII (personally identifiable information) or SPI (sensitive personal information), as used in information security and privacy laws, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. PII is any data that could potentially identify a specific individual. Any information that can distinguish one person from another and can be used for de-anonymizing anonymous data can be considered PII. The application protects the sensitive PII data as per user access.

Note:

All PII is personal data, but not all personal data is PII.

In Argus, the following data is considered PII:

  • Patient Initials

  • Patient Date of Birth

  • Parent Initials

  • Parent Date of Birth

The PII Data can be controlled via user group accesses and common profile switches. The user group accesses that can be used to control the PII data fields are:

  • Case Patient - Patient Information

  • Case Patient - Patient Details

  • Case Patient - Parent Information

  • Case Patient - Parent Details

These user group accesses are found under Argus Console > Access Management > Groups.

In the Case Form, the patient and parent fields are grouped under the Information/Details sections as shown below.

Patient Information and Details Sections


Parent Information and Details Sections


The fields are controlled through the user groups as shown in the table below.

Group Access Name: Case Patient - Patient Information

Value and Case Form Behavior:

  • Modify: User can add/modify all the fields

  • View: User can only view the fields

  • No Access: The fields are hidden and inaccessible

Impacted Case Form Fields:

Patient Information

  • Title

  • First Name

  • Middle Name

  • Last Name

  • Address 1

  • Address 2

  • City

  • State

  • Postal Code

  • Country

  • Email Address

  • Protect Confidentiality

Group Access Name: Case Patient - Patient Details

Value and Case Form Behavior:

  • Modify: User can add/modify all the fields

  • View: User can only view the fields

  • No Access: The fields are hidden and inaccessible

Impacted Case Form Fields:

Patient Information

  • Initials

Patient Details

  • Date of Birth

  • Age and Age Units

  • Age Group

  • Weight and Units

  • Height and Units

  • Gender

  • Pregnant

  • Date of LMP

  • Breastfeeding

  • BMI

  • Body Area

  • Occupation

  • Age At Vaccination and Units

  • Ethnic Group

  • Military Status

  • Country

Group Access Name: Case Patient - Parent Information

Value and Case Form Behavior:

  • Modify: User can add/modify all the fields

  • View: User can only view the fields

  • No Access: The fields are hidden and inaccessible

Impacted Case Form Fields:

Parent Information

  • Title

  • First Name

  • Middle Name

  • Last Name

Group Access Name: Case Patient - Parent Details

Value and Case Form Behavior:

  • Modify: User can add/modify all the fields

  • View: User can only view the fields

  • No Access: The fields are hidden and inaccessible

Impacted Case Form Fields:

Parent Information

  • Initials

Parent Details

  • Date of Birth

  • Age and Age Units

  • Weight and Units

  • Height and Units

  • Gender

  • Date of LMP

  • Parent Breastfeeding

  • Age At Vaccination and Units

  • Ethnic Group

  • Medical History

Note:

The initials field is located under the Information sections, but still controlled through the Details access group.

This default behavior can be overridden using a set of common profile switches. The switches located at Argus Console > System Configuration > System Management (Common Profile Switches) > Case Processing > Group Data Access are used for this purpose. These switches help the Initials and Date of Birth fields to be controlled via the alternate user groups as shown below.

Switch Name: Access on Patient Initials

  • Use: Sets the Patient Initials either to be part of Patient Information or Details Group

  • Default Value: Initials part of Patient Details Access Group

Switch Name: Access on Patient Date of Birth

  • Use: Sets the Patient Date of Birth either to be part of Patient Information or Details Group

  • Default Value: Date of Birth part of Patient Details Access Group

Switch Name: Access on Parent Initials

  • Use: Sets the Parent Initials either to be part of Parent Information or Details Group

  • Default Value: Initials part of Parent Details Access Group

Switch Name: Access on Parent Date of Birth

  • Use: Sets the Parent Date of Birth either to be part of Parent Information or Details Group

  • Default Value: Date of Birth part of Parent Details Access Group

9.1.1 Personally Identifiable Information and Application Behavior

This section provides details about the impacted areas and their behavior.

Case Form Print, Case Summary and Medical Summary Reports

The Case Form Print, and the Case and Medical Summary reports display PII data fields only based on the user group access and common profile switches setup.

Case Form Title Bar

For certain report types, the case form title bar displays the Patient initials. These will now be visible based on user group access and common profile switches.

Case Revision

Case Revisions display PII data based on the user group access and common profile switches.

Audit Log Report

The Audit Log reports display the PII data based on the user group access and common profile switches. If the main user group (Argus Console > Access Management > Groups > Patient Information) is restricted, the new user group access and common profile switches will be ineffective.

System Reports

Both the Patient and Parent PII data in the system reports are controlled only through Argus Console > Access Management > Groups > Patient Information. The sub-level user group access and common profile settings do not have any effect.

Duplicate Search (Book-in, Local Affiliate and ICSR Pending)

The Duplicate search result displays the PII data based on the user group access and common profile switches.

Case Copy and Audit Logging

Case Copy and the Audit Log continue to handle PII data even when the fields are hidden or read-only.

Copy Patient Information from Reporter

Patient initials are copied from the reporter only when the Patient initials field is visible and editable.

Patient/Parent Initials Automatic Calculation

The Patient or Parent Initials are automatically calculated when the Patient or Parent initials field is visible and editable.

Accept ICSR/Affiliate Acceptance (Interchange and LAM)

The Accept ICSR/Affiliate Acceptance dialogs and reports work as in the existing version of Argus Safety. These modules do not follow the PII restrictions levied by user group access setting and common profile switches.

The following section provides a sample of the Case Form behavior for two users who have been set up for PII Data Privacy.

User 1

  • User ID: usr_pat_info

  • Group: Patient_info_group

  • Access Setting: Case Patient - Patient Information: No Access

  • Access Setting: Case Patient - Patient Details: Modify

User 2

  • User ID: usr_pat_det

  • Group: Patient_det_group

  • Access Setting: Case Patient - Patient Information: Modify

  • Access Setting: Case Patient - Patient Details: No Access


The common profile setup is left unchanged from the default values.

With the above setup, when User 1 and User 2 log in to the application, the application behaves as follows:

Logged in User: usr_pat_info

Application Behavior: In the case patient tab, all the fields under Patient-Information group are hidden except Initials, Child Only case and Country fields.

Logged in User: usr_pat_det

Application Behavior: In the case patient tab, all the fields under Patient-Details group are hidden. Patient Initials, Child only Case and Country fields are hidden too.
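The following added example (not Oracle code and not part of the original chapter) models how the group access values and the four common profile switches combine to decide who can see each PII field, and can be used to review a planned configuration for unintended PII exposure. The switch values "information" and "details" and all function names are assumptions of this model, not values stored by Argus.

```python
# Added model of the PII access rules in this chapter (not Oracle code).
# Switch values "information"/"details" are labels used only in this model.

# PII field -> (subject, governing switch name from the switch list above)
PII_FIELDS = {
    "Patient Initials": ("Patient", "Access on Patient Initials"),
    "Patient Date of Birth": ("Patient", "Access on Patient Date of Birth"),
    "Parent Initials": ("Parent", "Access on Parent Initials"),
    "Parent Date of Birth": ("Parent", "Access on Parent Date of Birth"),
}

# Default: every PII field belongs to the Details access group.
DEFAULT_SWITCHES = {switch: "details" for _, switch in PII_FIELDS.values()}


def governing_group(field, switches=None):
    """Return the group access name that controls a PII field."""
    subject, switch = PII_FIELDS[field]
    setting = {**DEFAULT_SWITCHES, **(switches or {})}[switch]
    if setting not in ("information", "details"):
        raise ValueError(f"unknown value {setting!r} for switch {switch!r}")
    return f"Case Patient - {subject} {setting.capitalize()}"


def effective_access(group_access, field, switches=None):
    """Resolve Modify / View / No Access (None if the group access is unset)."""
    return group_access.get(governing_group(field, switches))


def pii_exposure(users, switches=None):
    """List (user, field, level) for every PII field a user can see."""
    findings = []
    for user, group_access in users.items():
        for field in PII_FIELDS:
            level = effective_access(group_access, field, switches)
            if level in ("Modify", "View"):
                findings.append((user, field, level))
    return findings


# The two sample users from this section (patient accesses only).
SAMPLE_USERS = {
    "usr_pat_info": {"Case Patient - Patient Information": "No Access",
                     "Case Patient - Patient Details": "Modify"},
    "usr_pat_det": {"Case Patient - Patient Information": "Modify",
                    "Case Patient - Patient Details": "No Access"},
}
```

With the default switches, `pii_exposure(SAMPLE_USERS)` reports only usr_pat_info, matching the behavior described above; passing `{"Access on Patient Initials": "information"}` moves Patient Initials exposure to usr_pat_det.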