Patient Privacy Module

From OpenEMR Project Wiki
Revision as of 20:20, 2 September 2024 by Harley Tuck (talk | contribs) (initial page post)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Introduction

This Patient Privacy module controls which patient records are accessible to which staff users.

Any user of any ACL role, whether provider or non- clinician, may be 'attached' to a patient so they may view and edit their record. Users who are not attached to a patient may not.


Keep in mind the direction of the relationship: the staff/ user is attached to the patient so they can see that patient’s record. It is not that the patient is assigned to a staff.


In this document OpenEMR’s 'Patient Finder' tool is used to show a user's access permissions. In actual use, any display in which patient's PII appears would be regulated by this module. For example, if the logged in user was not attached to a patient that patient's appointment would be visible to the user on the calendar but their record could not be opened.


If used, this module will affect the entire patient roster. It is best to make the configuration of this module part of the setup of a practice, and assigning a provider to a new patient a formal part of the new patient admitting process. However, if this module is being incorporated into an existing practice, once the supervision relationships are created (see below) it might be useful to have a user with Administrator ACL go through the practice calendar’s appointments for the next day and assign providers to each patient. But that’s just one idea how to implement it.


One handy thing: if the Patient Privacy module is ever disabled, it may be re-enabled again, and all the previous user attachment settings will return as they were at last use.


This wiki page is the online version of the user docs that are distributed by MI-Squared when you contact us about installing the module. NOTE: at the time of this writing the Patient Privacy module is not included in the released versions of OpenEMR. Please contact us at helpdesk@mi-squared.com to discuss installing it on your OpenEMR instance.


Activate the Module

Once installed into your OpenEMR an Administrator- privileged user needs to register the module with the system to activate it.

Register Module

1. On the main menu, click 'Modules/ Manage Modules' (cursor arrow below)
  • the module name will be somewhere in the list.


PtPrivWiki01.png



2. Click the 'Register' button at the right
  • the 'registered' tab will open with the module on it (below).


3. Click 'Install' button at right (cursor arrow)


PtPrivWiki02.png


4. 'Install' button changes to 'Enable'; click it.




PtPrivWiki03.png




  • The button changes to 'Disable', which indicates the module is enabled.


PtPrivWiki04.png


  1. Log out and back in (not pictured)



The module is registered.


Attach Users

The Patient Privacy module has four different approaches by which to attach a user to a patient:

1. From the patient list
2. From provider pick list
3. From the user/ staff roster
4. From the list of ACL roles


PtPrivWiki05.png And the user may be attached in one of two relationships:

1. Direct access
2. As supervisor to the attached user

These will be illustrated below.


On the main menu click 'Administration' then the new menu item, 'Patient Privacy'














From Patient List

The 'Patients' tab is active by default.

1. Select a patient

PtPrivWiki06.png


PtPrivWiki07.png


  • The Provider Access panel appears showing default tab: Direct Access







2. Select user(s) to attach to this patient* You may 'Ctrl+ click' to attach multiple users









3. Click 'Save Changes'











OR -- click tab: Access via Supervisor


PtPrivWiki08.png






The Provider dropdown list will contain all the users that were attached in the previous step.


The Supervisor dropdown list has the complete list of users.




Be VERY careful when setting supervisors and attaching users to patients.

See final 'Caution!' section of this document for details




Note in this example below that Provider Virginia Apgar has two different supervisors


PtPrivWiki09.png


  • This shows that Dr Apgar has 'Direct Access' to Hornsby's record as Provider.
  • However, oreilley is Apgar's supervisor over this patient, so he can see Hornsby, in addition to any patients oreilley may be attached to himself.
  • And norman dogsbody is also Apgar's supervisor in regards to Hornsby's treatment, so HE can see Hornsby, too, along with his own.
















AND SO-- when Dr Apgar logs in, Hornsby is the only pt she can see.


PtPrivWiki10.png


From Provider Pick List

A slightly quicker method to attach users to patients is to use the provider pick list found on the initial User Patient Permissions tab. This would be a handy way to attach a provider to all their patients in one sitting.


PtPrivWiki11.png


1. Select a user from the list.













  • it will show the provider's current list of patients they're attached to (below).




* Note: this panel shows only the patients that have been added with this panel.
If the user is attached to a patient via the 'User' or 'Roles' tabs that patient will not appear here.


PtPrivWiki12.png

PtPrivWiki13.png


2. Click 'Attach Patient' (oval above)
3. Enter partial patient name and select when full name appears (yes, this is an unusual demo patient name...).


4. Click 'Save changes' to save changes.


  • Panel now displays the attached provider's list of patients (below)



5. Click 'Attach Patient' again to add another patient.


From the User tab

PtPrivWiki14.png


PtPrivWiki15.png










This tab lists all users (not only providers) in all the roles they are assigned in their OpemEMR user profile.



It allows attaching one user as supervisor to another user in each of their roles.











PtPrivWiki16.png



Click on the user's name (here, Virginia Apgar, listed in the previous panel) then select the supervisor for them in that role.



Bug alert - attaching a user as supervisor of another user in one role will attach them in all roles of the other user











Note: A staff who is not allowed to view patient records can still select them for such tasks as do not expose PII. For e.g., they can create an appointment for a patient on the calendar. But if they try to open the patient's record, they get a 'Demographics not authorized' message.




PtPrivWiki17.png











From the Roles tab

The Roles tab allows an Administrator to exclude any one or many ACL roles from the module's access controls. Which therefore gives members of those roles full access to all patients' records.


Note: by default, the Administrator ACL role sees all patients no matter what Patient Privacy settings a patient has.




PtPrivWiki18.png



Select (or multi-select with Ctrl+click) the ACL roles which will be excluded from Patient Privacy restrictions.

Click 'Save'




















PtPrivWiki19.png

Walter OReilley is in the Front Office ACL role, selected in the previous picture.

That allows him to see all patients.















User 'htuck' is a clinician who is not attached to any patients or assigned as a supervisor to any user.

He can't see anything.



PtPrivWiki20.png

Deactivate the Module

The Patient Privacy module may be inactivated at any time without affecting any PII.

1. The EMR Administrator simply goes back to Manage Modules (Main menu: Modules/ Manage Modules) screen
2. Clicks the 'Disable' button


PtPrivWiki21.png
3. and it will be disabled.





PtPrivWiki22.png

4. Log out of the EMR and back in again to finalize the deactivation and remove the Patient Privacy main menu item.











And... that poor user htuck who couldn't see any patients before, is back to full patient roster viewing capabilities.


PtPrivWiki23.png

Caution!

This module works purely with what it is given by the Administrator configuring the attachments. It has no logic checking so it is easy to set up conflicting access permissions.

  • This module will allow having user1 as supervisor to user2 on one patient, then user2 as supervisor to user1 for another patient.
  • It will allow accidentally setting a user as their own supervisor
  • It will allow very complex relationships between attached users, which may defeat the intended access barriers.
Suggestion: diagram the user/ supervisor relationships before configuring them.