Below are a few permission sets that are used for typical roles in a research study. Application permissions give access to the tool (MICIS, Assessment Manager, Study Portals, etc.) and Study permissions give access to the actual study data.
Rule of thumb, if a user does not need access to personal identifying information (PII) in COINS, do not give them access to MICIS under Application permissions.
Applications:
MICIS: the most important thing to note about this application is that it provides access to PII. Always assign the role everybody for any user that needs access to MICIS and you can also assign Coordinator and PI.
Assessments: you can assign DataEntry, DataEntry2, Coordinator, PI.
MySecurity: only assign the PI role.
Study Portals: only assign the Coordinator or PI role.
Roles:
Coordinator: assign this role for Assessments, MICIS and study portals.
If a user has this study role as well as the MICIS coordinator role they can enroll participants, access/edit participant PHI, access/edit scan session data. This role also allows access to Query Builder where they can query assessments and scan data (URSI Coded) and Participant Payments, where they can create payment records and receipts (access to PII).
If a user has the coordinator study role as well as the Assessments coordinator role they can enter data, search assessment records and update data, manage participant queues and review assessments, view/edit instruments and raters.
DataEntry: assign this role to Assessments only.
If a user has this study role as well as the Assessments DataEntry role, they can perform data entry. They will not have access to PII if their user account is limited to this study and application role.
DataEntry2: assign this role to Assessments only.
If a user has this study role as well as the Assessments DataEntry2 role, the user can enter data, search assessment records and update data, manage participant queues and review assessments. A user with only the Assessments and study DataEnty2 role will not have access to view/edit instruments or raters, nor will they be able to access PII.
DXAdmin: assign this role to MICIS only.
If a user has this study role as well as MICIS everybody, the user can manage data shared and approve/deny requests in Data Exchange for your study if Data Exchange is enabled. A user with only this role for the study will not have access to the PII.
qbUser: assign this role to studies only.
If a user has this role as well as MICIS everybody, the user can access the study data in Query Builder only. A user with only this role for the study will not have access to the PII.
PI: assign this role to Assessments, MICIS and MySecurity.
When assigning this role for Assessments and MICIS, it has the same permissions as Coordinator but also includes access to Manage Shared Data for Data Exchange and allows the user to unlock instruments in Assessment Manager.
Mysecurity PI role can be given as an Application permission to allow the PI to assign study and study portal permissions only for the studies for which they are the PI.
Examples:
Research Assistant: permissions below will provide access to PII.
Application permissions:
MICIS: everybody
MICIS: coordinator
Assessments: coordinator
<StudyPortalName>: coordinator
Study permissions:
<StudyName>:coordinator
Data Entry Operator: permissions below will not provide access to PII.
Application permissions:
Assessments: DataEntry
Study permissions:
<StudyName>:DataEntry
Data Entry 2 Operator: permissions below provide access to a few more tools than DataEntry in ASMT but still will not provide access to PII.
Application permissions:
Assessments: DataEntry2
Study permissions:
<StudyName>:DataEntry2
Principal Investigator: permissions below will provide access to PII.
Application permissions:
MICIS: everybody
MICIS: PI
Assessments: PI
<StudyPortalName>: PI
MySecurity: PI
Study permissions:
<StudyName>:PI
Query Builder User: permissions below will not provide access to PII.
Application permissions:
MICIS: everybody
Study permissions:
<StudyName>: qbUser
Comments