In a biological research laboratory blood samples of test persons are to be examined. Upon request, the participants will subsequently be informed of their personal results. Furthermore, the results may also be evaluated anonymously for research purposes.
Requirements: Workflow and data protection
In this scenario, a wide range of interactions with the data to be managed must be taken into account to satisfy data protection requirements and at the same time maintain the usability of the data:
- Only authorized parties must know the origin of the samples.
- Only laboratory staff should be able to enter or modify analysis results.
- If mistakes in the data have to be corrected, the process must remain traceable and transparent.
- The laboratory staff must be informed which analyses are to be carried out for which samples.
- Only approved data may be accessible for research purposes.
Implementation with LinkAhead
At the data level, access controls are configured in LinkAhead based on roles so that data protection and compliance requirements are automatically met.
Using LinkAhead, a customized user interface is created in which only the relevant data is displayed and can be edited. For recurring manual entries, input masks are provided so that entries are largely mistake-free. However, automated data integration makes use of available machine-readable material whenever possible, e.g. files generated by laboratory devices or by direct access to the devices themselves.
When data is changed in LinkAhead, the change process is saved along with it, and the original content remains accessible in the version history. Thus, corrections are inherently traceable and accurately logged.
Since the operational procedures are typically the same, a workflow management is created in the adapted user interface, in which the users can see which tasks are still pending for which samples and in which the processing is documented. At the same time, the laboratory management can see the current status of each sample and which analysis steps are still outstanding.
The employees in the research department have access to the data either via the graphical user interface or via programming interfaces (APIs). But even with direct access to LinkAhead, they can only read or write the data permitted by their role permissions.