User roles and permissions

Population Health Analytics uses role-based security to ensure that users only access features appropriate to their responsibilities. Roles are assigned through Ming.le, and the IPHA interface automatically adjusts available features based on each user’s role.

IPHA-User

The IPHA-User role is typically assigned to Quality Analysts who review pipeline activity and results. Users in this role have read-only access throughout the application. Users in this role can perform these actions:
  • View pipeline executions and metrics
  • Explore all available data in pipeline tabs
  • Review execution statistics
  • Download pipeline results by pipeline, measure, result, or individual patient

IPHA-Users cannot initiate or control pipeline operations such as launching, starting, stopping, aborting, or modifying pipelines.

IPHA-ProcessAdmin

The IPHA-ProcessAdmin role is designed for Data Pipeline Administrators who require more control over pipeline management. Users in this role can perform these actions:
  • Start, continue, restart, terminate, abort, and stop pipelines
  • Add a new pipeline to the queue
  • Manage the pipeline queue
  • View audit logs
  • Manage and save pipeline templates
  • Define and manage patient groups

Certain system-level administrative tasks remain restricted for ProcessAdmins to help maintain system integrity and ensure that only authorized users can perform advanced configurations.

IPHA-SysAdmin

The IPHA-SysAdmin role is reserved for System Administrators who must have full access to all features within IPHA, which includes permissions granted to IPHA-ProcessAdmins. Users in this role can perform these actions:
  • Export audit logs
  • View patient longitudinal chart
  • Manage data sources
  • Upload measure packs
  • Manage supported resource types
  • Reset the FHIR Store or delete all information in the FHIR Store, including longitudinal patient charts