Overview
The PHI Management page allows administrators to configure masking parameters for Protected Health Information (PHI) and manage how sensitive data is displayed across the platform. This ensures compliance with privacy regulations such as HIPAA, GDPR, and local data protection laws.
Access this page via System Settings → PHI Management.
PHI Masking Parameters
Configure how sensitive data fields are masked or displayed to users based on their roles and permissions.
| Field | Description |
|---|---|
| Enable PHI Masking | Master toggle to activate or deactivate PHI masking across the platform. When disabled, all users with appropriate permissions can view unmasked PHI data. |
| Default Masking Policy | Select the default masking behavior for new PHI fields: Full Mask (completely hidden), Partial Mask (show first/last characters only), or Role-Based (determined by user role). |
| Mask Character | Choose the character used to replace masked data (e.g., *, #, ●). Default is asterisk (*). |
Field-Specific Configuration
Define masking rules for specific types of sensitive data fields.
| Field Type | Configuration Options |
|---|---|
| Personal Identifiers | Configure masking for SSN, passport numbers, driver's license, and other government IDs. Options include: show last 4 digits only, show first 3 and last 4, or full mask. |
| Contact Information | Set masking rules for phone numbers, email addresses, and physical addresses. Phone numbers can show area code only; emails can show domain only. |
| Medical Record Numbers | Define how medical record identifiers are displayed. Options include partial display with configurable visible segments. |
| Dates of Birth | Configure date masking: show year only, show month/year only, or shift dates by a random offset while maintaining relative age calculations. |
| Financial Information | Set masking for insurance IDs, account numbers, and billing information. Typically shows last 4 digits only. |
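
The partial-mask options in the table above can be sketched as follows; this is an added example, not the platform's own code. The function names, the constructed sample values, and the keyed per-subject date offset (one way to keep intervals between a subject's dates intact) are assumptions.

```python
import hashlib
import hmac
from datetime import date, timedelta

def mask_keep(value, first=0, last=4, mask_char="*"):
    """Mask letters/digits except the first `first` and last `last`; keep separators."""
    idx = [i for i, c in enumerate(value) if c.isalnum()]
    # A value no longer than the visible window would be shown whole: full-mask it.
    if len(idx) <= first + last:
        first = last = 0
    visible = set(idx[:first]) | set(idx[len(idx) - last:])
    return "".join(c if i in visible or not c.isalnum() else mask_char
                   for i, c in enumerate(value))

def mask_email(value, mask_char="*"):
    """Show the domain only; a value without '@' is fully masked."""
    local, sep, domain = value.rpartition("@")
    if not sep:
        return mask_char * len(value)
    return mask_char * len(local) + "@" + domain

def shift_date(d, subject_id, key, max_days=180):
    """Shift by a keyed, per-subject offset of 1..max_days in either direction.
    The same subject always gets the same offset, so intervals are preserved."""
    digest = hmac.new(key, subject_id.encode(), hashlib.sha256).digest()
    n = int.from_bytes(digest[:4], "big") % max_days + 1
    return d + timedelta(days=n if digest[4] & 1 else -n)

def mask_dob(d, mode, subject_id="", key=b""):
    if mode == "year":
        return f"{d.year}"
    if mode == "month_year":
        return f"{d.year}-{d.month:02d}"
    if mode == "shift":
        return shift_date(d, subject_id, key).isoformat()
    raise ValueError(f"unknown date masking mode: {mode}")

# Constructed sample values, not real PHI.
KEY = b"constructed-demo-key"
SAMPLE_DOB = date(1984, 3, 9)
SAMPLE_VISIT = date(2024, 6, 1)

if __name__ == "__main__":
    print(mask_keep("123-45-6789"))                      # last 4 only
    print(mask_keep("123-45-6789", first=3, last=4))     # first 3 and last 4
    print(mask_keep("(415) 555-0134", first=3, last=0))  # area code only
    print(mask_email("jane.doe@example.org"))            # domain only
    print(mask_dob(SAMPLE_DOB, "shift", "SUBJ-001", KEY))
```

Because the offset is derived from a secret key rather than stored, anyone holding the key can reverse the shift, so the key needs the same protection as the unmasked data.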
Role-Based Access Control
Control which user roles can view unmasked PHI data.
| Setting | Description |
|---|---|
| Unmasking Roles | Select user roles that are permitted to view unmasked PHI data (e.g., Principal Investigator, Study Coordinator with elevated permissions). |
| Audit Unmasking Actions | Enable detailed audit logging when users with unmasking permissions view sensitive data. All unmasking events are recorded with timestamp, user ID, and field accessed. |
| Temporary Unmasking | Allow authorized users to temporarily unmask PHI for a specific session or time period (e.g., 15 minutes), after which data is automatically re-masked. |
Display Policies
Configure how masked data appears to end users.
| Feature | Description |
|---|---|
| Show Mask Indicator | Display a visual indicator (e.g., eye icon with slash) next to masked fields to inform users that data is hidden. |
| Tooltip on Hover | Show a tooltip explaining why data is masked and what role is required to view it when users hover over masked fields. |
| Export Behavior | Define how masked data is handled in exports: Export Masked (maintain masking in exports), Export Unmasked (for authorized roles only), or Exclude PHI (remove PHI fields from exports entirely). |
Compliance & Audit
Compliance Tip: PHI masking is required for compliance with HIPAA Privacy Rule, GDPR Article 9 (special categories of personal data), and Vietnam Decree 13/2023/NĐ-CP on personal data protection. Ensure masking policies are documented and reviewed annually.
Saving Changes
Click Submit to save your PHI management configuration.
Important: Changes to PHI masking policies take effect immediately for all active sessions. Users currently viewing unmasked data will see the updated masking rules upon page refresh. All configuration changes are logged in the Audit Trail for compliance purposes.