3 User Access & Sharing

Once you have built and designed your study, you can share it with users. You can assign different User Types and User Roles to users to specify their access level within the Study Build System and each study environment.

 

Share Screen

The Share features allow you to add sites and invite users to access your study. In the Share interface, you can also access study settings, Participant ID settings, and User Roles

 

You can access the Share screen from either the My Studies screen or Study Designer.

The Share button is on the bottom of the Study card in the My Studies screen. Select Test or Production to share your study.

The Share button is in the header bar in Study Designer. Select Test or Production to share your study.

 

Add Sites

Before you invite users to your study, add at least one site. This applies even if your study is only collecting data from a single site.

 

To add a site:

1. On the Share screen, scroll down to Sites, and click the Add button.

2. On the Add Site screen, begin to type the site name. If it already exists in that environment, select that site from the list. Fields are prefilled with site information. If you need to make a new site, type the name of the site, and enter information in the appropriate fields.

 

 

Note: sites are global, meaning if you use a site in Study A you don’t need to recreate that site for Study B. When adding an existing site to a study, values appear in the Site Name, City, State/Province, Zip, and Country fields automatically.

 

3. Click the Save button.

Otherwise, complete the site form and click Save.

 

Invite Users

To invite a user:

1. Click the Share button under the Form Card of your study on the My Studies screen or in Study Designer, and select your study environment. 

2. Under the People header, on the right, click the Invite button. 

3. Begin typing, and click Invite a new user, or select an existing user from the drop-down list.

a. If you select Invite a new user, the Add User screen appears, and you can enter values for each field. Then click the Create User button.

b. If you select a user from the drop-down list, the system sends an invitation to an existing user via email.

 

Before a user can access a study, they must create a password that meets the following criteria:

  • Must be at least 8 characters in length
  • Must contain at least one of each of the following types of characters:
    • Lower case letters (a-z)
    • Upper case letters (A-Z)
    • Numbers (0-9)
    • Special characters (!@#$%^&*)

In addition:

  • Passwords expire every 180 days, and users are automatically prompted to create a new password. 
  • User accounts are locked after ten failed login attempts from the same IP address.
    • The lockout resets after 15 minutes. The login failure count resets every 24 hours
    • When a user tries to login after their account has been locked, it is included in the User Audit Log as a failed login attempt. 
  • If a user resets a password, it cannot be the same as the previous password.
  • The password reset link is available for 24 hours, after which if a user has not reset the password, they must request a password reset again.
    • All reset requests are logged in the User Audit Log.
  • Users are automatically logged out of OpenClinica after one hour of inactivity.
  • Invitations to studies expire in 14 days if they have not been accessed.

 

Once the password has been defined, the user is prompted to log into OpenClinica. The username or email address is not case-sensitive, but the password is case-sensitive.

 

Multi-Factor Authentication

You can enable multi-factor authentication for your site with an API or contact the OpenClinica Customer Service team. 

When you enable multi-factor authentication, users are prompted to:

1. Download either the FreeOTP app or the Google Authenticator app to your smartphone.

2. Scan a barcode.

3. Enter an access code.

Note: Once you have enabled multi-factor authentication, you no longer need to scan a barcode. Only username, password, and an access code are required to sign in.

Users with a User Type of Administrator can reset multi-factor authentication for a user from the Reset Multi-Factor Access button on the People table on the Administration screen.

If this feature is enabled:

  • Users are required to login with two methods:

1. Enter your username and password.

2. Enter the access code generated by the FreeOTP or Google Authenticator app on your smartphone.

  • All non-Participant users are required to use this feature.
  • Data Specialists and Investigators can still sign Participant records with only their username and password.
  • Participant users logging into Participate are still only required to enter access codes.
  • You cannot enable multi-factor authentication for a specific study, site, or user. It must be enabled per environment.

 

User Type

Overview:

When a user is created, that user is assigned a User Type and User Role. There are two User Types: Admin and User. Only Admins have access to Central User Administration.

 

Definitions:

User Type determines the tasks that the user has permission to perform globally throughout the system. For example, only Admins can create studies or view the Administration screen.

 

User Role determines study-level access and specific tasks the user can perform based on the assigned User Type in the Test or Production environments. 

 

Example: 

For example, A user might have a User Type of Admin and a User Role of Data Manager or a User Type of User and a User Role of Investigator.

 

Available User Types are:

  • Admin:
    • Can create studies.
    • Can see all studies that exist in your test and production environments.
    • Can assign their own access to any study in your Test and Production environments.
  • User:
    • Can only view and access assigned studies or sites.

 

When assigning a User Type, keep the following in mind:

Best Practice:

  • The Admin User Type should be assigned sparingly because administrators have access to all studies. Most users should be assigned the User Type of User. Site users should never be assigned a User Type of Admin, as this would give them potential access to all data across all studies and sites in your Test and Production environments.
  • Each user only has one User Type but can have different User Roles in different studies or sites. For example, one can have a User Type of User, with a User Role of Data Manager on one study and a User Role of Study Monitor on another study. 

 

Refer to the User Matrix for a table of permissions available to each of the OC4 User Roles.

 

User Roles

User Roles include:

User Roles include:

Study-level roles:

    • Data Entry Person: Study-level role with permission to create, view, edit, and remove records; add and update queries; import data.

    • Data Manager: Study-level role with permission to configure the study, add sites, and invite users; create, view, edit, remove, and SDV records; add, update, and close queries; import and extract data.

    • Data Specialist: Study-level role with permission to create, view, edit, remove, and sign records; add and update queries; import and extract data.

    • Study Monitor: Study-level role with permission to view and SDV records; add, update, and close queries; extract data.

 

Site-level roles:

    • Clinical Research Coordinator: Site-level role with permission to create, view, edit, and remove records; add and update queries; import data.

    • Investigator: Site-level role with permission to create, view, edit, remove, and sign records; add and update queries; import and extract data.

    • Site Monitor: Site-level role with permission to view and SDV records; add, update, and close queries; extract data.

Note: Site-level users can only see Participants at the sites they have been assigned to and cannot see study-level Participants.

To access the User Roles screen, click the Settings icon on the Form Card for your study on the My Studies screen and select User Roles.

 

To edit a User Role:

1. On the User Roles screen, click the Edit button to the right of the role you want to edit. The Edit Role screen appears.

2. Enter information in each field (optional):

a. Rename the User Role.

b. Edit the description of the User Role. (The default role description appears to the right of the User Role in the Based On field.)

c. Assign Permission Tags. (See Design a Study: Study Designer Features for more information on Permission Tags.)

3. Click the Save button.

 

 

To create a new User Role:

1. On the User Roles screen, click the Create button. The Create New Role window appears.

2. Enter information in each field:

a. Name the User Role.

b. Select a standard User Role on which to base the new User Role

c. Enter a description for the User Role. (The default User Role description appears to the right of the User Role in the Based On field.)

d. Assign Permission Tags. Assign Permission Tags. (See Design a Study: Study Designer Features for more information on Permission Tags.)

  1. Click the Save button.

 

Note: When a User Role is saved, it becomes available to users in both Test and Production environments for the study.

 

Keep the following in mind:

  • User Roles are defined per study.
  • Custom User Roles have the same access as the User Roles they were based on.
  • Changes to User Roles take effect immediately in both the Test and Production environments. You do not need to re-publish the study.
  • If you want a user to have access in one environment but not another, you must use a different User Role in each environment. For example, the User Roles might be Clinical Research Coordinator 1 in Test and Clinical Research Coordinator 2 in Production. In this case, Clinical Research Coordinator 1 in Test might have access to a Form, but Clinical Research Coordinator 2 in Production might not have access to that Form. 

 

User Profile

All users can update their user profile and password at any time. 

To edit profile information:

1. From the User Menu, select My Profile.

2. Click the Edit link, and update your information as needed:

a. You cannot change the email address associated with your account. Please contact your administrator if you need to change your email address.

b. To change your password, click the Change Password link, and update your password.

Users also have access to OpenClinica Support and to the OpenClinica Privacy Policy from the User menu:

To access the OpenClinica Support Team (contract-based, named users, only): 

 

1. From the User menu, select Support. The Support Portal appears. You must log into the Support Portal separately from OpenClinica.

2. Click the Create Request, View Request, or Email Support buttons, or click the Regulatory Resources button to go to OpenClinica’s documentation site and view information on Regulatory Resources.

 

To access OpenClinica's Privacy Policy

From the User menu, select Privacy Policy. You are then redirected to the Privacy Policy page of the OpenClinica website.

 

Study-Specific User Administration

Data Managers can manage user accounts for studies they have access to. 

To manage users for a study:

1. Go to the My Studies screen.

2. Click the Share button below the study you want to manage users in.

3. On the study-specific User Administration/Share screen, click the Invite, Edit, or Remove buttons to perform those actions as needed. Click the Resend Invitation button to resend an invitation if the user accidentally deleted the original invitation, or it expired.

 

 

Note: The Go button appears on the Share screen and the Settings screen only if the study is available in Test or Production and if you have a User Role with access to the study in the environments it is published in. When you click the Go button, if the study is only available in one environment to which you have access, that environment appears by itself (i.e. If the study is only published in Test, and you have a role in that environment, the only option is Test.) The Design button appears only for Data Managers in the study.

 

 

Central User Administration

Only Administrators have access to Central User Administration, where user accounts can be edited, deactivated, or re-activated across all environments. 

Administrators can also click the Download the User and Role Audit Logs button to download an audit log that includes:

  • Login attempts
  • Role changes
  • Profile changes
  • Password reset requests

To edit user accounts:

1. From the User menu, select Administration. (This option is only available to Administrators.)

2. On the Administration screen, click the Edit button to edit the user account. You can edit everything except for the username.

3. Click the Save button.

To deactivate/activate user accounts:

1. From the User menu, select Administration. (This option is only available to Administrators.)

a. On the Administration screen, click the deactivate button to deactivate the user account. The user can no longer log into OpenClinica

b. To reactivate a deactivated account (across all studies/environments), click the Activate button.

 

 

You can sort columns on the Administration screen by clicking the sort toggle next to a column header.

 

The possible statuses for a user are as follows:

Status Description
Created The user account has been created, but no User Roles have been assigned.
Invited The user account has been created, and at least one User Role has been assigned, but the user has never accessed/activated the account.
Available The user account is active and available for use.
Deactivated The user account has been removed. The user can no longer log into OpenClinica.

Note: User accounts cannot be deleted. 

Central User Administration applies across all studies and environments.

Once a study has been created, Data Managers can:

  • Design the study 
  • Share the study with sites and users
  • Edit the study settings
  • Define Participant ID settings
  • Publish the study to the Test and/or Production environment
  • Activate/deactivate study modules, such as Insight, Participate, or Randomize

View Earlier Designs

The Share screen tracks the publication history for each environment. Scroll to the bottom of the Share screen to see the publication history. To view a previously published version of the study, click the View Study Design link to the right of the version you want to view.

 

A read-only version of the previously published study design appears:

Though no changes can be made to this version of the study, you can view Form and Event settings, download Form versions, preview Forms, etc.

The header clearly indicates this is a read-only version, and includes a link to quickly access the current version of the study, which is fully editable.

Note: Some Form attributes (checklists, tags, and labels) show the values that they have in the current design, regardless of their state in the previously published version. 

 

In the Test environment, if a Form version was overwritten after a previous publication, only the newest version of that Form version is available for preview and download. This is not a concern in the Production environment since Form versions cannot be overwritten.

 


Approved for publication by ktamm. Signed on 2020-03-10 9:31AM

Not valid unless obtained from the OpenClinica document management system on the day of use.