Start a conversation

User rights for encryption

The "Manage Encryption" right

The Manage encryption right will allow you to assign "Encrypt" rights to other users in your study (see below).  This is similar to the "Manage Users" right, except it is dedicated to the user rights for encrypted data.

Note: At the moment, this right is also necessary to define fields as encrypted in the form builder. This will change in the future and all users with Manage Form rights will be able to define fields as encrypted.

Once the Encryption module is enabled in the Settings tab, the Manage encryption right is by default assigned to the study creator. You can find this right in the Users tab next to the rest of the management rights:

With this right, you can also assign other users Manage encryption rights if you want to transfer the responsibility. You can also remove this right for yourself  if necessary. 

Note: If you remove the Manage Encryption right for yourself, you cannot reverse this and assign it back to yourself. Only another person with Manage Encryption rights can assign it back to you.

"Encrypt" rights

Encrypt rights allow for data entry users to edit encrypted data. This in essence gives them a so-called encryption key that will allow them to store data in encrypted fields. 

Encrypt rights only make sense in combination with Edit rights (for users who need to add and edit encrypted data) 

Just like all other rights, Encrypt rights are assigned per institute. For example, all users with View, Edit and Encrypt rights for Institute X will be able to view and edit the encrypted data from any record belonging to that institute.

You can assign Encrypt rights in the Institute rights tab for each user. 

When clicking the Save button, a pop-up window will appear requesting your password. This is the same password you use for login and is required as an extra security step.

Users who have Encrypt rights and Export rights can choose to export the encrypted data and will see the the decrypted data in the exports. Users with Export rights, but without Decrypt rights will see *encrypted* in the export for all encrypted variables.

"Decrypt" rights

Decrypt rights allow the users only to view the data entered into an encrypted fields. Decrypt rights only make sense with View rights (for users who only need to view this data).

You can assign Decrypt rights in the Institute rights tab for each user. 

When clicking the Save button, a pop-up window will appear requesting your password. This is the same password you use for login and is required as an extra security step.

Users who have Decrypt rights, View and Export rights can choose to export the encrypted data and will see the the decrypted data in the exports. Users with Export rights, but without Encrypt rights will see *decrypted* in the export for all encrypted variables.

Choose files or drag and drop files
Was this article helpful?
Yes
No
  1. Castor Support Team

  2. Posted
  3. Updated