Data Protection Officer
You safeguard patient data rights and the facility’s compliance obligations: handling data-subject requests, running data-retention, and managing encrypted backups.
PHI is Protected Health Information. DSR is a Data-Subject Request — a patient’s request to access, export or erase their data.
What you can do
Your role (data_protection_officer) holds these capabilities:
- Read the compliance register — DSRs, retention runs and export jobs. (compliance.read)
- Raise a DSR. (compliance.dsr.raise)
- Execute a DSR — including the irreversible crypto-shred of a patient’s PHI. (compliance.dsr.execute)
- Run data retention — trigger or dry-run a retention-enforcement run. (compliance.retention.run)
- Manage exports — package and download a data-subject export. (compliance.export.manage)
- Manage backups — request and download an encrypted per-tenant backup, and execute a restore. (compliance.backup.manage)
These actions are powerful and irreversible. Every one is audited.
What you cannot do
The DPO role is scoped to compliance. It does not grant clinical access, billing, or role assignment. Reading clinical data for a DSR happens through the compliance workflow, not by browsing the chart.
A typical day
- Review the DSR register for new requests.
- For an access/export request, manage the export — package the patient’s data for download.
- For an erasure request, execute the DSR — note this triggers an irreversible crypto-shred; confirm carefully.
- On schedule, run retention to enforce the facility’s data-retention policy.
- Keep encrypted backups current and test a restore as part of your drill.
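The capability model above (a role holding a fixed set of `compliance.*` capabilities, every action audited, DSR execution irreversible, retention runnable as a dry run) can be expressed as a small authorization gate. The following is an added illustration, not the product's own code: the role-to-capability table copies the capabilities listed on this page, while the action names, the `clinical.read` and `iam.roles.assign` capabilities used to show what the DPO is denied, the `perform` function and the audit record shape are all assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Role -> capabilities. The DPO entry mirrors the capabilities listed on this page;
# the table itself is a hypothetical stand-in for the product's role store.
ROLE_CAPABILITIES = {
    "data_protection_officer": {
        "compliance.read",
        "compliance.dsr.raise",
        "compliance.dsr.execute",
        "compliance.retention.run",
        "compliance.export.manage",
        "compliance.backup.manage",
    },
}

# Action -> capability it requires (assumed mapping). The last two actions use
# hypothetical capability names purely to show that the DPO role is denied them.
ACTION_CAPABILITY = {
    "read_register": "compliance.read",
    "raise_dsr": "compliance.dsr.raise",
    "execute_dsr": "compliance.dsr.execute",
    "run_retention": "compliance.retention.run",
    "manage_export": "compliance.export.manage",
    "manage_backup": "compliance.backup.manage",
    "read_chart": "clinical.read",        # hypothetical clinical capability
    "assign_role": "iam.roles.assign",    # hypothetical IAM capability
}

# Actions that destroy data (crypto-shred) need an explicit confirmation flag.
IRREVERSIBLE_ACTIONS = {"execute_dsr"}
# Actions the page says can be run as a dry run.
DRY_RUN_CAPABLE = {"run_retention"}


class PermissionDenied(Exception):
    """Role lacks the capability the action requires."""


class ConfirmationRequired(Exception):
    """Irreversible action attempted without confirm=True."""


@dataclass(frozen=True)
class AuditEntry:
    actor: str
    role: str
    action: str
    outcome: str   # executed | dry_run | denied | confirmation_required
    at: str        # ISO-8601 UTC timestamp


def _record(audit, actor, role, action, outcome):
    # Every attempt is written to the audit trail, denied ones included.
    audit.append(AuditEntry(actor, role, action, outcome,
                            datetime.now(timezone.utc).isoformat()))


def perform(actor, role, action, audit, *, confirm=False, dry_run=False):
    """Gate an action on the role's capabilities and return the outcome.

    Raises PermissionDenied when the role lacks the capability, and
    ConfirmationRequired when an irreversible action is attempted without
    an explicit confirm=True. Every attempt is appended to `audit`.
    """
    required = ACTION_CAPABILITY.get(action)
    granted = ROLE_CAPABILITIES.get(role, set())
    if required is None or required not in granted:
        _record(audit, actor, role, action, "denied")
        raise PermissionDenied(f"{role} lacks {required or '<unknown action>'}")
    if dry_run and action not in DRY_RUN_CAPABLE:
        raise ValueError(f"{action} does not support dry run")
    if action in IRREVERSIBLE_ACTIONS and not confirm:
        _record(audit, actor, role, action, "confirmation_required")
        raise ConfirmationRequired(f"{action} is irreversible; pass confirm=True")
    outcome = "dry_run" if dry_run else "executed"
    _record(audit, actor, role, action, outcome)
    return outcome


if __name__ == "__main__":
    log = []
    print(perform("dpo-alice", "data_protection_officer", "read_register", log))
    print(perform("dpo-alice", "data_protection_officer", "run_retention", log, dry_run=True))
    try:
        perform("dpo-alice", "data_protection_officer", "read_chart", log)
    except PermissionDenied as exc:
        print("denied:", exc)
    for entry in log:
        print(entry)
```

The two points worth taking from the example are that denial and missing-confirmation attempts are recorded just like successful ones, so the register shows who tried what, and that the confirmation gate sits in the authorization path rather than in the UI, so an API client cannot trigger a crypto-shred by accident.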
Related guides
- Reference: Roles & permissions
- Module: Admin