...
- User visits Synapse page for sensitive data.
- User sees that data is Controlled.
- User opens dialog, showing text for the access restriction, e.g. "Please become 'verified' (following instructions on your home page), and send a description of how you intend to use this data along with the Synapse ID of this data to SynapseAccessandComplianceTeam@synapse.org".
- User visits home page.
- User clicks link "Become Verified" which displays instructions, "Complete your user profile including name, organization and ORCID, then email SynapseAccessandComplianceTeam@synapse.org, including a completed ID verification document."
- User completes user profile and emails ACT, including ID verification document and data use statement.
- ACT receives email. From the user's Synapse user name (the prefix of the 'from' email address) ACT member determines user's home page. ACT member can go to https://www.synapse.org/#!PeopleSearch:<username> to quickly find the user's home page.
- ACT reviews ID verification document and user profile.
- ACT member clicks 'Verify Identity' on user's home page.
- Synapse captures snapshot of user profile, records that user is verified, sends notification to user.
- "Verified" now appears on user's page. "Verify Identity" changes to "Remove ID Verification."
- User receives verification notification.
- ACT visits page for sensitive data, clicks "Grant access", finds the user based on their user name, and clicks "OK".
- User is notified that they are now granted access.
...