Rights management

Cohort360 comes with a complete rights management system. Here is how it works.

Features

Data access rights

  • Based on a care site hierarchy

  • Specify which care sites a user has rights on

  • Specify either nominative or pseudo-anonymised rights

Data access rights alone are enough to run Cohort360 correctly. For example, you can give a user the nominative right to browse the data of a care site and its child care sites.

Advanced rights

  • Give rights to manage the rights of other users

  • Give rights to view the rights of other users

  • Give rights to manage the roles used to give rights to other users

  • And many more...

The logic of access rights

RBAC

RBAC (role-based access control) is a rights system based on roles and permissions.

The implementation of RBAC in Cohort360 consists of the following:

  • A user can have many accesses

  • An access is a link between only one user, only one care site, and only one role

  • A role has between 0 and N permissions

  • A list of permissions is already defined

https://excalidraw.com/#room=d6f7ed43fad5aa378194,gGLZQxo-YnyHdfeXp-qg3Q

In this example, User has two accesses:

  • Access A which gives permissions to access pseudo-anonymised data and admin permission on care site X

  • Access B which gives permissions to access nominative data and export data on care site Y

Tree-based care site hierarchy

The only accepted care site hierarchy is a tree, which means that:

  • A care site has only one parent

  • A care site can have from zero to infinite children
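
The sketch below is an added example, not Cohort360's own code. It models the user / access / role / permission links and resolves a user's effective permissions on a care site by walking up the tree. The permission names, the care site names and the two rules marked as assumed (every permission granted on a care site also applies to its descendants, and nominative access wins over pseudo-anonymised) are assumptions; the page states inheritance only for data access rights.

```python
from dataclasses import dataclass

# Hypothetical permission names: the page says a list is predefined but does not give it.
READ_PSEUDO, READ_NOMINATIVE, EXPORT, ADMIN = (
    "read_pseudonymised", "read_nominative", "export_data", "admin")

@dataclass(frozen=True)
class Role:
    name: str
    permissions: frozenset = frozenset()  # a role has 0..N permissions

@dataclass(frozen=True)
class Access:  # links exactly one user, one care site and one role
    user: str
    care_site: str
    role: Role

# Constructed care site tree, stored as child -> parent (the root has no parent).
PARENT = {"Hospital": None, "X": "Hospital", "Y": "Hospital", "X-cardiology": "X"}

# Constructed accesses matching the example in the text.
ACCESSES = [
    Access("user", "X", Role("A", frozenset({READ_PSEUDO, ADMIN}))),
    Access("user", "Y", Role("B", frozenset({READ_NOMINATIVE, EXPORT}))),
]

def path_to_root(site, parent=PARENT):
    """Return the care site and all its ancestors; reject anything that is not a tree."""
    path = []
    while site is not None:
        if site in path:
            raise ValueError(f"cycle in care site hierarchy at {site!r}")
        path.append(site)
        site = parent[site]
    return path

def effective_permissions(user, site, accesses=ACCESSES, parent=PARENT):
    """Union of permissions from accesses on the site or any ancestor (assumed inheritance)."""
    if site not in parent:
        return frozenset()  # unknown care site: deny by default
    scope = set(path_to_root(site, parent))
    granted = set()
    for access in accesses:
        if access.user == user and access.care_site in scope:
            granted |= access.role.permissions
    return frozenset(granted)

def data_view(user, site):
    """Assumed rule: nominative wins over pseudo-anonymised; None means no data access."""
    perms = effective_permissions(user, site)
    if READ_NOMINATIVE in perms:
        return "nominative"
    return "pseudo-anonymised" if READ_PSEUDO in perms else None
```

Because each care site has a single parent, the lookup is one walk to the root, and an access on X never leaks to its sibling Y or up to the shared parent.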

Technical aspects

Rights management in Cohort360 is stored in Cohort360's Django back-end.
