...
Starting in ClinSpark version 22.3, a new feature is available on Volunteer records allows customers the ability to address these GDPR requests without the reliance of Foundry HealthIQVIA support engineers. This article explains how the feature works, some implications for use, and outcomes of the action.
...
This is applicable to customers using ClinSpark version 22.3 or greater. This feature change can be referenced is attributed in the Release Notes via to development ticket CLINSPARK-3199.
...
The ‘Privacy Remove’ action allows a qualified user to permanently alter the current volunteer data database record and prevent access to volunteer attributes through the user interface.
...
Given that the action is non-reversible, it could have significant impact on operational workflows and potentially patient safety if used improperly. To help mitigate these risks, a specific role action enabling use and warning dialogues have been implemented to ensure the actions are taken appropriately.
Info |
---|
If customers expect further alterations or actions be taken against volunteer records in the database as a response to ‘right to erasure’ requests, a service desk ticket must be opened to engage with the support team to clarify what changes are necessary and expected outcomes. |
Role Action
Users must have the ‘Volunteers Manage Privacy Remove’ role action assigned to an active role on their account in order to access the functionality.
...
Within a given volunteer, users will no longer have a UI path to access basic details, health data, correspondence, notes, files, current/past study participation (including recruitment identification, appointments, cohort assignments, study forms, and lab data), or audits. These navigational areas and features are removed no longer accessible on the volunteer profile.
...
Audits
There is no action menu item for users to access audit history for privacy removed volunteers. Instead, access Access to audits can only be done using (if necessary) through the immutable ID of the volunteer and a specific URL path.
...
customer.clinspark.com/secure/volunteers/monitoring/manage/list/1
...
...
Limitations
Historical Study Information
Once a participant is ‘Privacy Removed’ users do not have the ability to review historical study participation data - data on study forms and lab results such as recruitment and study/lab data - via the volunteer record. Specifically, this means the Studies tab on a given volunteer profile, and subsequently the Recruitment, Appointments, Cohort Assignments, Study Data and Lab Data areas are no longer accessible. These may be important functions to certain users depending on various needs.
...
Access to Privacy Removed Data via a Read Replica Database
After the privacy removal process has been performed, previously existing audit records associated with the underlying volunteer record are not affected, nor are any free text fields (e.g. communications).
This information is not accessible through the user interface, but it's available in the database if a customer chooses to access to review for various workflows, as access to this data from the volunteer record allows appropriate in the Volunteer component, and not the study specific Study componentsaudits via custom queries in the Read Replica.
Browser Caching
Due to browser caching behavior, it may be observed that after the Privacy Remove action has been successfully completed that the volunteer picture may still be visible to the user who performed the remove action in certain places until browser cache is cleared. Browser cache clearing typically will occur automatically after a short period of time, or, can be forcibly cleared by the user to address the issue immediately.
This issue may be observed by clicking on the picture icon to display the volunteer picture:
...
The picture will disappear after browser cache refresh or if using different browser.