Current Work Flow
Dataset A has ACT Restriction. User B wants to download dataset A, he/she needs to email the ACT to request access to data set A. Via emails, an ACT member would ask the user to complete some forms. The forms are different for each dataset. Each request may request n number of users to access the data.
After the user meets all requirements given by the ACT (via emails), an ACT member would go to the dataset and manually enter the user(s) to give the user(s) access to the dataset.
When someone leaves an institution, a requestor will email the ACT about removing a member from their request. The ACT will manually remove this user access.
When a new member join a lab, a requestor will email the ACT about adding a new member to their request + their DUC. The ACT will manually grant the new user access.
Every month, an ACT member will loop over all requests to see which one will expire in a month and send an email to the requestor to remind them about updating their request. If he/she does not response, the ACT member will email other members in their request.
Every few months, an ACT member will download all DUC forms in that period and send them to the data contributor.
A script is run (Brian Bot in mPower?) that gathers public information from the spreadsheet and publishes to a wiki: Principal Investigator, Institution, Date, and Intended Data Use Statement
Example form:
Link to instructions: https://www.synapse.org/#!Synapse:syn2954404
Disadvantages:
Manually entering the detailed information (in a spreadsheet) about the request for access (including approval status) is a burden for the ACT.
- User's handwriting is hard to read.
Proposed Work Flow
**TODO: Incorporate the Access Requirement creation/linking into the process.
The ACT setup the necessary form for dataset A. This will look similar to setting the schema for a table in Synapse, with certain fields included by default.
The fields that are included by default will be determined by the ACT.
The ACT member will navigate to the Dataset page with an Access Requirement, and open the "Create Form" dialog from the tools dropdown menu.
The ACT member can add existing fields (from the template outline by the governance team) to the form.
There is also an option to remove a field by clicking the "x" to the right of the item.
The ACT member can also add a custom new field to the form.
***In addition, the form creator may specify that accessors must be verified/certified users*** Either with a checkbox option, or a VerifiedUserList...
Each form includes a brief instruction given by the ACT.
Each valid request includes the following fields and additional fields:
- Data Requestor - the user who is making the request
- Study Lead
- Additional Users - the users who would also have access to the data is the request is granted.
User B goes to dataset A and clicks on "show unmet conditions" to get to the data access request form. If they are not logged in, then they will be met with this view:
Once they log in, then they will have the option to "Create Request":
Upon clicking Request Access, the user will be shown a form to fill out, and upon submitting the form, an email will be set to notify the ACT.
***TODO: The person filling out the form should be added automatically to the list of accessors.
The requestor can add multiple users for the access request by clicking "Add Accessor"
The requestor then will input the synapse id in order to add the user to the request.
Sample email message to ACT after a user requests access (with links to the dataset):
____________________________________________________________________________________________________________________________________
Hello,
Karen Altergott (kmaltergott) has requested access to Dataset MayoLOADGWAS.
For further information, please visit the dataset.
Sincerely,
Synapse Administration
____________________________________________________________________________________________________________________________________
User B can see the status of their request on the dataset, and can cancel their request while it is pending.
After the request has been approved, the requestor can opt to update their request:
The requestor will be able to edit all submitted fields:
On clicking Update, if anything is not filled in, the user will be shown an error message instructing them to fill in any fields they left blank.
To view all requests made on the dataset, an ACT member can navigate to the dataset and select "View Requests" from the tools menu. This will open a table:
Features of the table view:
Users that have been certified and verified (?) will have a symbol next to their synapse id (in this case a trophy) as an indicator. Users who have previously been approved for access to the dataset will have a check mark next to their name.
If the requestor updates their request, the fields they change will be highlighted for the ACT to more easily see. The version of the request will be incremented.
The ACT member can query the table to only show requests that are pending, or only ones that were approved or rejected. The latter requests will have their approve/reject buttons disabled.
Now the ACT member can view the user request and their submitted form before approving their request with the approval button. Approval may grant access to one user, or to many (ACT will decide based on request). Clicking approve will open a dialog with a summary for the ACT member to double-check before approving, including the ability to edit the email being sent out upon approval:
Sample email message to researcher after their request has been approved:
____________________________________________________________________________________________________________________________________
Hi:
The Synapse Access and Compliance Team has approved your application for use of the MayoGWAS data distributed through Synapse.
To use this data you must adhere to the Terms of Use as described in the MayoGWAS DUC: https://www.synapse.org/#!Synapse:syn2910256
The MayoGWAS data can be accessed through the following Synapse project:https://www.synapse.org/#!Synapse:syn3219045
Please note that the first time you download a datafile you will also be asked to agree to acknowledge the AMP-AD Partnership in publications derived from any of the AMP-AD data. This approval must be performed through the website.
For a review of the AMP-AD Data Terms of Use, please see here: https://www.synapse.org/#!Synapse:syn2580853/wiki/78604.
Please note, this email is sent from an unmonitored account. Send any questions to act@sagebase.org.
Sincerely,
The Synapse Access and Compliance Team
____________________________________________________________________________________________________________________________________
Hi:
The Synapse Access and Compliance Team has rejected your application for use of the MayoGWAS data distributed through Synapse, because you did not sign the DUC.
To submit another request, please visit the MayoGWAS dataset at: https://www.synapse.org/#!Synapse:syn2910256.
Please note, this email is sent from an unmonitored account. Send any questions to act@sagebase.org.
Sincerely,
The Synapse Access and Compliance Team
____________________________________________________________________________________________________________________________________
The data contributor wants to know who has access to their data. Sage has been given report about approved requests including the following information: Principal Investigator, Institution, Date, and Intended Data Use Statement.
Brian has a script that update this wiki: https://www.synapse.org/#!Synapse:syn4993293/wiki/392026
For auditing purposes, ACT member could query requests (find requests that need to be processed, find requests that have been approved and see when they were approved, etc). ACT member could export set of files (associated with the dataset requests) as zip file, to be sent to data contributor.