Welcome to part four of our ‘Choosing a LIMS’ series. We’re looking at security and how you can protect one of your most valuable assets – your data. You can manage security in LIMS in several ways. Using secure usernames and passwords to restrict access to your LIMS is just one way. Some advanced LIMS offer additional security options that give you different layers of protection for your sensitive and personally identifiable information (PII). The level of security you need will depend on what you’re using your LIMS for, what data you hold and who you want to access it. And remember, security is not just about protecting your information from external access but also from unauthorised internal access.
What’s meant by “Sensitive data”?
The definition of sensitive data will vary across labs and biobanks. However, if you’re storing donor data, this is typically any information that can be used to identify the person. Personally identifiable information (PII) could include name, date of birth, address details or hospital number, for example. But it could also cover informed consent documents containing personal details, or even notes entered against patient records.
Other information that you could consider sensitive is clinical trial and study data. Plus, you may also hold commercially sensitive information, such as supplier contracts, that you only want selected people to see.
So, when you’re thinking about your LIMS and protecting sensitive information, consider who needs to access what data to carry out their tasks. Should your users see a subset of data or should they only see certain data on records? For example, they can see a patient’s ethnicity but not their name. Identifying this will help you choose the data security options you need in your LIMS.
Restricting who can log in and what they can see
The simplest way to restrict access to your LIMS is via the login. If a person can’t log into the system in the first instance, then they can’t access its data. Different LIMS provide different mechanisms for managing user access. These can include:
- an in-built user management system with a unique username and password
- integration with LDAP or Active Directory for user authentication
- access through an Identity Server.
Each method offers different benefits and is dependent on your own IT infrastructure. Once a user is logged in, most LIMS also allow you to assign them to roles. The LIMS will then usually allow you to grant or restrict access to functionality and system areas against that role. And if you can’t see an area, then you can’t see its associated data.
However, it’s important to remember that this won’t prevent access to the back-end database, i.e. access your IT team may have.
Using data security filters to restrict data
In addition to the usual role security that manages access to functionality, some advanced LIMS provide data security filters. These determine the subset of data available to the user when they log in. These filters might be based on system area, such as studies, so the user cannot see any studies at all in the system. Or they may be based on data held within the system, so that the user cannot see a particular type of study, for example. Plus, importantly, whenever the user performs an action in the system, such as a search or data export, the filters kick in to restrict the information available.
Protecting sensitive information in LIMS using encryption
Encryption is a method of encoding data so that it can only be read by authorised users. It doesn’t prevent access to the data per se but renders it unreadable unless you have the key. One of the most important things to note with encryption is that it can help protect your data from unauthorised viewing at the server level too. This could be unauthorised viewing by internal parties such as your IT team, as well as external parties.
Within the LIMS itself there may be two types of encryption available: database-level or field-level.
- Database-level encrypts all the data in the database. This means that as soon as any user logs in, the entire database is decrypted and available.
- Field-level encryption in LIMS allows you to select the individual fields to be encrypted. This gives you greater control and flexibility. As a result, a user can’t see sensitive information stored against a patient but can see other information that allows them to continue to work with that record. For example, a user can’t see a patient’s name but can see the samples they have donated as well as the patient’s gender and ethnicity.
When reviewing the encryption offered, you also need to know whether you can encrypt any new fields you add to the system. Some LIMS only encrypt the core fields provided by the system as standard. Plus, don’t forget to ask how! In some systems you have to define your encrypted fields in a separate file that sits outside the main system.
In addition, a LIMS may define its encryption as ‘at rest’. This means that the data is saved as encrypted in the database. This is important to note as many LIMS offer ‘transport encryption’ which means that data is encrypted as it is transferred from and to the LIMS but not within the system itself. ‘At rest’ encryption offers far greater protection.
Finally, the algorithm that’s used to encrypt the data is also important. This determines the level of protection offered. A highly secure algorithm, such as AES-256, is preferred.
Rules-based encryption for greater security control
Some advanced LIMS also offer rules-based encryption/decryption. This is where you can allow users to see data only if pre-defined conditions are met. This level of flexibility and control allows you to be very specific about what users can and can’t see. For example, you can set filters to allow your users to see personally identifiable information (PII) for active donors registered on a study that they’re working on. However, they can’t see this information for donors registered on other studies.
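The field-level encryption and rules-based decryption described above, sketched as an added example that is not taken from the original article or from any LIMS product. GCM mode for AES-256, the in-memory key, every function and field name, and the sample donor are assumptions made for illustration.

```javascript
// Added illustration; ENCRYPTED_FIELDS, canSeePii, viewDonor etc. are hypothetical names.
const crypto = require('node:crypto');

const KEY = crypto.randomBytes(32);            // 256-bit key; a real system loads it from a KMS/HSM
const ENCRYPTED_FIELDS = ['name', 'dateOfBirth'];

// Encrypt one field. The field name is bound as AAD so a ciphertext
// copied into a different column fails authentication on decrypt.
function encryptField(field, plaintext) {
  const iv = crypto.randomBytes(12);           // fresh nonce for every value
  const c = crypto.createCipheriv('aes-256-gcm', KEY, iv);
  c.setAAD(Buffer.from(field));
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return [iv, c.getAuthTag(), ct].map(b => b.toString('base64')).join('.');
}

function decryptField(field, stored) {
  const [iv, tag, ct] = stored.split('.').map(s => Buffer.from(s, 'base64'));
  const d = crypto.createDecipheriv('aes-256-gcm', KEY, iv);
  d.setAAD(Buffer.from(field));
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]).toString('utf8');
}

// What is written to the database: only the selected fields become ciphertext.
function storeDonor(donor) {
  const row = { ...donor };
  for (const f of ENCRYPTED_FIELDS) row[f] = encryptField(f, donor[f]);
  return row;
}

// Rule from the text: PII is visible only for active donors on a study the user works on.
function canSeePii(user, row) {
  return row.status === 'active' && user.studies.includes(row.study);
}

// What a user sees: sensitive fields are decrypted only when the rule passes.
function viewDonor(user, row) {
  const view = { ...row };
  for (const f of ENCRYPTED_FIELDS) view[f] = canSeePii(user, row) ? decryptField(f, row[f]) : '[restricted]';
  return view;
}

// Constructed sample data.
const row = storeDonor({ name: 'Jane Example', dateOfBirth: '1980-01-01',
  ethnicity: 'Not stated', study: 'STUDY-A', status: 'active' });
const onStudy = { id: 'u1', studies: ['STUDY-A'] };
const offStudy = { id: 'u2', studies: ['STUDY-B'] };
console.log(viewDonor(onStudy, row).name, '|', viewDonor(offStudy, row).name);
```

Anyone reading the stored row directly, including a database administrator, sees only ciphertext in the selected fields, while the unencrypted fields stay usable for day-to-day work.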
Determining whether the LIMS has the level of security required
To identify whether a LIMS can provide you with the level of protection you need, you must understand your priorities and what ‘sensitive data’ means to you. The level of security you need will depend on what data you’re storing and who you want to have access to your LIMS. However, there are some questions you can ask your LIMS supplier that will help you understand what the system offers. You can then make an informed decision based on what you actually need.
- What mechanism(s) does the LIMS use to authenticate users in the system?
- How often does the system prompt you to change your password? Does the system encrypt passwords? And is there a specific format?
- If the LIMS has an external portal for external user access, how is the access managed?
- How does the LIMS restrict user access to functionality, menus, reports, exports and workflows? How easily can this be changed?
- Does the LIMS encrypt data?
  - What algorithm does it use?
  - Is it ‘at-rest’ encryption?
  - Is it field- or database-level?
- Does the LIMS allow you to add any new fields and encrypt them? How is this managed? Are there any restrictions?
- Will the LIMS allow the encryption/decryption of data based on rules? How is this set up and managed?
- What data transfer mechanisms and protocols does the LIMS support?
A final thought about LIMS security
When considering how to protect your sensitive data in LIMS, it’s not just about managing login access with usernames and passwords. And it’s not just about protecting your data from unauthorised external access – but thinking about internal access too.
Securing your system through username and password access is just the first step. Encryption and data security filters are also available to help prevent unauthorised viewing of personally identifiable information (PII).
The level of security you need depends on what data you’re holding in your LIMS, who you want to have access and what you’re doing and plan to do in the future with your information. Asking the right questions can help you assess whether a LIMS will give you the level of protection you need.