Sample Data Integrity

Because Samples are highly regulated and controlled, data integrity and security is very important.

The sections below describe what administrators need to know about security requirements for the Sample Inventory application.

Sample Management Security Settings

Within the Veeva CRM application, the Sample Management module requires specific Security Settings in order to support the PDMA compliance requirements. The following is a list of security settings that should be managed to meet the requirements:

Sample Object Security Settings

Sample Lot object

  • Identified as Private
  • Sales Reps and Management should have Read/Edit Privileges
  • Administrators should have All Access Privileges

Sample Transaction object

  • Inherits Private Security from Sample Lot Master relationship
  • Sales Reps and Management should have Read/Create Privileges
  • Unlock Field
  • Field Security for Sales Reps and Management should be set to not visible
  • Admins should have visibility

Lot Catalog object

  • Identified as Public
  • Sales Reps and Management should have No Privileges
  • Administrators should have All Access Privileges

Sample Inventory object

  • Identified as Private
  • All Users should have All Access Privileges
  • Unlock Field
  • Field Security for Sales Reps and Management should be set to not visible
  • Admins should have visibility
  • Audit Field
  • Field Security for Sales Reps should be set to not visible
  • All Profiles that will be performing Audits should have Field Security set to visible

Sample Inventory Item object

  • Inherits Private Security from Sample Inventory Master relationship
  • All Users should have all Access Privileges

Sample Receipt object

  • Inherits Private Security from Sample Lot Master relationship
  • All Users have All Access Privileges

Sample Transaction Audit object

  • No Users should have any Access Privileges to the object

Sample Tab Access Settings

My Samples Tab

  • All Sampling Profiles and Admins should have Default On
  • All Non-Sampling Profiles should have Tab Hidden

Sample Transaction Tab

  • All Non-Sampling Profiles should have Tab Hidden
  • All Sampling Profiles and Admins should have Default Off

Sample Inventory Tab

  • All Non-Sampling Profiles should have Tab Hidden
  • All Sales Rep Profiles should have Tab Hidden
  • All Sampling District Managers and Admins should have Default Off

Lot Catalog Tab

  • All Non-Admin Profiles should have Tab Hidden
  • All Admins should have Default On

Do Not Create a Tab for the following objects:

Sample Transaction Audit
Sample Lot
Sample Inventory Item

Sample Record Type Settings

  • Sample Transaction object
  • Sample Transaction object
  • Adjustment
  • Transfer
  • Return
  • Administrator Record Type Access
  • Adjustment
  • Transfer
  • Return
  • Disbursement
  • Receipt
  • Non-Sampling Profiles Record Type Access:
  • None
  • Record Type Security Settings
  • An organization can control what types of Sample Transactions a Sales Rep can create by modifying the Profile access to the Adjustment, Transfer, and Return Record Types. Removal of a Record Type from the Profile will remove the Sales Rep’s ability to create the removed Record Type Sample Transaction
  • Disbursement Sample Transactions are controlled by managing the Sampling Section Signals for the Call Sample section on the Call object Layout.
  • Receipt Sample Transactions are controlled based on if Transfer Sample Transactions can be created and if a Sample Receipt record can be created for the User.

Role Hierarchy and Data Sharing Security Settings for Sample Management

The ability for users to perform Sample Inventories, Sample Transfers, Sample Adjustments, Sample Returns on behalf of another user, as described in the above sections, is dependent on the establishment of the Role Hierarchy and Data Sharing Settings. By default, in the Role Hierarchy, Managers have access to all private data within their underlying reporting structure. This default functionality allows all Managers to perform the above listed Sample actions for their reports.

Additionally, if an Auditor or another user that is not established within the Role Hierarchy, is required to perform one of the Sample actions outlined above, Data Sharing Rules can be established to provide access to Sample Lot and Sample Inventory data. Utilizing Data Sharing Rules, an Auditor user can be created and given access to all Users’ Sample Inventory and Sample Lot data to allow for annual audit checks for randomly selected Sampling Users.

Audit Trail Security Settings for Sample Management

An Apex Trigger resides on the Sample Transaction and Sample Order objects that creates a mirror copy of the entire Sample Transaction record and inserts the copy into the Sample Transaction Audit object in the case that a Sample Transaction record is edited or deleted. The user that performed the action, the action being performed, and the date and time of the action is also logged for each change.

The Sample Transaction object is create-only for all users, except the Admin. The Audit Trigger is in place in the case that an Admin is archiving data from the Sample Transaction object. The Apex Trigger will capture the modification and maintain a historical record of all changes and deletes of a Sample Transaction record.