Regulatory Compliance Support
Ensure audit ready compliance with premium support for HIPAA, FISMA, and CFR Part 11 regulations.
Advanced Controls Ensure Appropriate Data Access
Advanced controls in LabKey Server help restrict data access to authorized users and manage user accounts in a FISMA compliant manner.
PHI Flagging Protects Confidential Patient Data
Flagging data as protected health information in LabKey Server allows you to restrict the visibility of confidential information to users explicitly granted access in accordance with HIPAA regulations.
Activity Logging Supports Audit Preparedness
How it Works
Advanced Account Management
Advanced account management features help organizations adhere to FISMA regulations and by allowing administrators to define account expiration dates for short term users and disable inactive accounts after a period of time, as well as, set limits on unsuccessful login attempts, enforce strong password rules and periodic resets, and prevent users from resetting their email addresses if needed. Organizations can also limit identity providers to only those who are FICAM-approved for additional security.
Annotation of PHI Fields
Data columns in LabKey Server that contain confidential information can be flagged with the level of protection required: none, limited, full, restricted. Data in protected fields is only shown to users granted access at or above that level. Users can export subsets of data with PHI columns removed, allowing users to highlight significant trends over time without revealing any detail about the patients. Those with appropriate access can also run consolidated PHI reports to illustrate the full picture of protected health information.
LabKey Server allows users to generate a filtered snapshot of data that can be reviewed, approved, and signed by an authenticated user. Electronic signatures are recorded with relevant details including a user entered reason. Any subsequent downloads of signed data snapshots are logged to assist in tracing usage.