Skip to Main Content
Interweave Portal - Ideas

This portal provides an open platform for user feedback and product change requests. Anyone can add an idea and remain as a Guest, but please consider signing up so that others can see who has created the ideas!

Note: this is a public facing web portal, any text here can be viewed by anyone over the internet, so please consider carefully the content you wish to share and please do not post anything of a sensitive nature.

Status Shipped
Created by Ian Clucas
Created on Feb 17, 2022

RBAC development for panel display

Hi All

The Interweave product team have been debating an idea, the value of which we'd like to validate with end user organisations

High level user story:

as a tenant admin (or CSO)

i need to be able to determine which roles can see which panels in the portal

so that I can manage what functionality is available to end users of different types

Atm everyone see's everything in the portal, including newly released panels and therefore new data, however, we may need to implement more of a roles based access model, because:

  • tenancies may want to clinical safety test any new panels before they're made available to users

  • end user training may be required (to understand the new data items)

  • admins/CSOs may want to try them first, and decide whether they would benefit their users

  • some panels/data may not be appropriate for some user types

  • some panels may be 'experimental' e.g. version 2 of Encounters could be seen against v1 (with real data)

So the requirement is for each panel to be viewable by appropriate Roles only, rather than all. In this way each tenancy can determine the user experience at a more granualt role based level.

We would very much like your feedback on this idea and whether it solves a big enough problem for us to spend time in development, or whether we think it could be deferred until we have a more mature product and wider user base.

Many thanks

Ian Clucas

Interweave Product Manager

  • Attach files
  • Joseph Perry
    Nov 17, 2022

    Agree, we would find this really useful at ERYC.

  • Mark Filby
    May 19, 2022

    Agree, there are lots of specific data sets with differing National guidelines for access restrictions, such as CPIS, SCRa etc and also just the basic principle of only having access to what you require to do your role and deliver your service. the overriding access based on health needs is good, but there is still some level of management required to reduce the provision of excessive information.

  • Admin
    Ian Clucas
    Feb 23, 2022

    During a chat with HCC social care, children's and vulnerable people data was also mentioned - this introduces a new dynamic in terms of how we're able to control access. This could require a separate tenancy for those teams who support children, or a filter mechanism to exclude data based on age, or something else...

    Once we get closer to this use case we will look to solve this problem with input from partners, IG, Clinical Safety, Safeguarding and practitioners

  • Bryan Croxford
    Feb 22, 2022

    Totally support this development. It's not a major issue at the moment with limited sets of data from organisations, but as we bring in more organisations and maybe increase usage by different groups of staff internally, we might want to restrict access to certain cohorts of data with that 'Need to know' perspective