VPD Issue For De-Identified Policy And Row Level Security
(Doc ID 2210350.1)
Last updated on FEBRUARY 04, 2019
Oracle Healthcare Translational Research - Version 184.108.40.206 and later Information in this document applies to any platform.
When the "VPD row policy enabled" is set for the HIPAA attributes, no data was visible for VPD configurations that were created to view all the data for a specific study in de-identified mode. All VPD configurations can choose which HIPAA attributes are visible. And customers were using VPD configurations to control access to all of the data of a study so that HIPAA attributes are not visible.
EXPECTED BEHAVIOR -----------------------
Expect the scenarios to have the proper "Row Level Security" where there will be a strict mandate to not allow every user to view the data of studies in de-identified mode. Access to HIPAA attributes as well as de-identified data are granted only to specific users
The issue can be reproduced at will with the following steps:
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!