PopMedNet Network Administration Best Practices With Melanie Davies and Kyle Erickson
Our Networks Mini-Sentinel: ~60 requests/month NIH Collaboratory DRN: ~10 requests/month Health Data Collaboration: ~15 requests/month MDPHnet: ~20 requests/month PCORnet DRN: ~15 requests/month
Objective Discuss the standard governance processes/ role based structure used by most PopMedNet networks that ensures an efficient scalable environment. Covering: Entities, rights, security groups, roles, and their interactions in a PopMedNet network Various pathways needed for appropriate user support Advantages and disadvantages with using PopMedNet from a network administration perspective
Network Administration Responsibilities Setup and maintain network entities and access controls Manage user credentials Onboard users Answer questions and troubleshoot Manage network software updates Report and manage bugs and issues Supporting Users
PopMedNet Entities
Organizations Organization = An entity that a collection of Users and DataMarts are assigned to that represents a real-world organization/site. May be standalone or linked with another Organization as a Parent or Child An Organization may have multiple DataMarts and Users and may be a member of multiple Groups and Projects
Parent and Child Organizations A Parent Organization may have multiple Children, but a Child Organization may only have one Parent Child Organizations may also be Parents of other organizations, allowing for deeper hierarchies Parents and Children may have multiple DataMarts
DataMart DataMart = represents a data source used to process requests A DataMart may only belong to one Organization A DataMart may be a member of multiple Projects
Users User= a person participating in the network. A User may only be a member of one Organization
Groups Group = a sub-network A Group may have multiple Organizations and Projects
Projects Project = collection of DataMarts, Organizations, request types, and permissions used to delineate network activity A Project may contain multiple Organizations and DataMarts A Project may only belong to one Group
PopMedNet Entities Health Data Collaboration Network IMEDS/Pfizer Group HMORN Group Production Query Project HMORNnet Project CRNnet Project Org A Org B Org C Org D Org E Org F Org G Org H Org I Org J Org K Org L Org M Org N
PopMedNet Entities Health Data Collaboration Network IMEDS/Pfizer Group HMORN Group Production Query Project HMORNnet Project CRNnet Project Org A Org B Org C Org D Org E Org F Org G Org H Org I Org J Org K Org L Org M Org N
PopMedNet Entities Health Data Collaboration Network IMEDS/Pfizer Group HMORN Group Production Query Project HMORNnet Project CRNnet Project Org A Org B Org C Org D Org E Org F Org G Org H Org I Org J Org K Org L Org M Org N
PopMedNet Entities Health Data Collaboration Network IMEDS/Pfizer Group HMORN Group Production Query Project HMORNnet Project CRNnet Project Org A Org B Org C Org D Org E Org F Org G Org H Org I Org J Org K Org L Org M Org N
PopMedNet Entities Health Data Collaboration Network IMEDS/Pfizer Group HMORN Group Production Query Project HMORNnet Project CRNnet Project Org A Org B Org C Org D Org E Org F Org G Org H Org I Org J Org K Org L Org M Org N
Rights Right: an individual permission allowing a single action on a PopMedNet network Rights can be assigned at every entity level
Rights Right: an individual permission allowing a single action on a PopMedNet network Rights can be assigned at every entity level
Security Groups Security Group: a collection of rights that can be assigned to a user Users can have multiple security groups Security group naming conventions consist of: [Organization or Project]\[Role] Examples: Clinical Site 3\DataMart Administrator, Drug Surveillance Project\Observer
Roles A role is a defined position a user fulfills within a PopMedNet network A single user may have multiple roles Our standard set of roles: Observer Enhanced Observer Investigator Enhanced Investigator Results Reviewer Request Reviewer Organization Administrator DataMart Administrator Network Administrator Everyone
Managing User Credentials Following processes for different network governances Typically requires additional tracking outside of PopMedNet
Supporting Users Maintaining PopMedNet support email Onboarding Contacting to-be users with instructions to set up accounts and/or the DataMart Client Troubleshooting and holding calls with users to diagnose difficult issues Giving demos to current and to-be users Receiving and managing bug reports and functionality requests
Maintaining PopMedNet Support Email Central location for network support Onboarding new users Troubleshooting with existing users Enables easy, organized triaging
Onboarding Users Identifying and contacting appropriate users for each role Walking through PopMedNet setup Providing additional instructions where necessary
Troubleshooting ~95% of issues are resolved via PopMedNet support email ~5% require calls with users and/or technical teams at Lincoln Peak Frequently requires testing and replication
Summary Very granular access control scheme enables flexibility but requires establishing standards to remain organized High learning curve, difficult to learn every intricacy Supporting users requires a significant amount of time dependent on size of the network and experience of users Maintaining a single organized support contact helps facilitate communication Having access to more technical support (e.g. Lincoln Peak) helps to resolve most difficult problems Online documentation (PopMedNet wiki) is frequently referenced
Questions