6. Emergency Access Procedure

From OpenEMR Project Wiki

Owner of this task

OpenEMR and EHR Support

ViCarePlus HealthCare IT Services & Support

6559, SpringPath Lane, San Jose, CA, USA

Website: http://www.vicareplus.com

Email: services@vicareplus.com

Meaningful Use Requirements

Permit authorized users (who are authorized for emergency situations) to access electronic health information during an emergency.

Emergency Login

The individual facility can describe the guidelines for an emergency situation. An emergency access solution should be used only when normal processes are insufficient (e.g. the helpdesk or system administrator is unavailable).

Technical Requirements

1. "Emergency Login" acl creation will handled in two ways

    1. During installation
    2. Use acl_upgrade.php

2. When the Emergency Login policy is chosen while user creation, a message "Emergency Login ACL is chosen. The user is still in active state, please de-activate the user and activate the same when required during emergency situations. Visit Administration->Users for activation or de-activation." is display and request users to disable the Emergency user account. The usernames should be of the format "breakglassxxx" or "emergencyxxx"

3. When the Emergency Login account is activated (during emergency situation), an automatic mail should be sent only if $GLOBALS['Emergency_Login_email'] is set 1 and $GLOBALS['Emergency_Login_id'] is set to mail id.

4. Irrespective of the log level, all activities during emergency access should be logged.

5. After the emergency period, the account should be deleted and the audit trail should take place [Administrative requirements]

Where:

1. Administration -> Users

2. Administration -> ACL -> User Memberships

3. Administration -> ACL -> Advanced -> ARO Group Admin

Status

Completed and checked in to the Sourceforge CVS

Links