mike-h30 wrote on Tuesday, November 11, 2008:
I am testing access to the billing information by creating a user and taking away any permissions that have to do with billing from ACL within OpenEMR-2.9.1 -dev.
In this case we have a massage therapist that we contract to provide massage therapy for our patients. She needs to document her sessions however we do not want her to see the billing information on each patient she provides massage therapy.
I gave this user “clinician” access with the following rights via ACL:
Clinicians-add only
encounters : Notes – my encounters(write,addonly optional)
patients: Demographics (write, addonly optional)
Medical/History (write, addonly optional)
Clinicians – write
patients: Appointments(write optional)
For the most part ACL prohibits access to billing information for an unauthorized user. When the unauthorized user chooses and an encounter, then clicks on “billing view” the result is that they are not granted access to view the “billing note” or “code”. Next when they drill down by clicking on the encounters’ hyper link, the coding frame to the right displays “Coding not authorized”
However, I found that the unauthorized user can still access billing information if they choose “super bill” or “fee sheet” from within an encounter.
Can the hyper link “super bill” and the “fee sheet” drop down list item be made unavailable in an encounter for a user unauthorized to view billing information?
-Mike