2 user scenario

Hii…
In openemr, I have 2 users, one is myself - admin and physician (for tthis post called PHYSICIAN A) and 2nd is another physician (for this post called PHYSICIAN B).

Physician A has administrative role and is also a provider. Has patients under him in the emr. Physician B has only physician role and has patients under him too. In the user gui, I have selected calender authorisation as only mine for physician B.

when physician B logs in, he is able to see physician A’s calendar just by clicking his name in the small user box on the calendar screen. Should this be the case?

Even physician B can see all the patients in the patient list, be it physician A’s patient or B’s patient. Physician B is also able to checkout the encounters of the A’s patients, can edit them and save changes. Dont you think this authorization should depend on physician A, who can allow to look into a certain patients encounter to other physician only if he wants? Shouldnt there be procedure for a physician to share his patient to other physicians of the clinic at his/her will,only then the other physician can see the patient details/encounter details of that patient?

@arnabnaha,
We assume that the current functionality of calendar, displays the patients list based on the provider. So the Physician B could able to see the Physician A’s patient list/edit. We can restrict the physicians functionality through ACL, but it affects the whole physician. May be what you are looking for should be a new feature suggestions.

Thanks,
ViSolve

1 Like

It will be good to have this as a new feature. Doing this via ACl might hamper the physician group completely. This feature will help many as physicians are quite uncomfortable when somebody else can modify and change their patient records. It should be considered as an authorisation error.

Hello @brady.miller @sjpadgett @visolveemr @MatthewVita
Can you please take a look at this issue. It is something, openemr needs to fix and should be addressed. Please take a look at it (initial post) and please suggest a workaround/fix for this. Will be highly obliged.

Thanks and Regards
Arnab

Hi Dr. Arnab,

This will need to be a new feature and if the others agree, we can set up a project for it.

I have commonly seen setups in the US (outpatient setting) where one patient panel is shared between multiple providers (sometimes called a “provider group”). I’m wondering if there is a truly a risk in seeing/editing each others data if the providers are all working together.

This could be different in the inpatient setting or in different countries. I am interested in hearing more about the rationale!

-m

Yes…its true…if providers are working in group for a patient or group of patients, they can modify or add data to the encounters or details of the patient…but that needs to be decided first and then activated by the admin. This should not be a default feature.

The default should be a provider is able to see his own patients until the other provider agrees to share his patients medical file with consent of the patient. This is an ethical issue and can be a problem too…if somebody changes a patient record by mistake/ purposefully :slight_smile:

Thanks @MatthewVita for your input
Yes…its true…if providers are working in group for a patient or group of patients, they can modify or add data to the encounters or details of the patient…but that needs to be decided first and then activated by the admin. This should not be a default feature.

The default should be a provider is able to see his own patients until the other provider agrees to share his patients medical file with consent of the patient. This is an ethical issue and can be a problem too…if somebody changes a patient record by mistake/ purposefully :slight_smile:

Hi all,

This is an interesting issue that differs across different cultures, regions, and clinical scenarios. In the US, except for rare clinic environments where competition is an issue (ie. for example, a commercialized clinic where there is a concern a visiting physician tries to run off with a patient list), it is assumed that patient information within a clinic/hospital/network is accessible to all. in fact, if, for example, a clinician within a system was not able to get information for all the patients, there would be potential liability issues on the clinic (ie. “why could the covering doctor not see information that was there during that emergency”).

However, the opposite issue has also been raised outside the US whereby sharing of patient information across physicians in the same facility requires consent of patients(akin to the US where consent is instead required across facilities, but not by each individual physician).

-brady

Quick question. Is this something that can be solved(at least for now) by using separate OpenEMR instances (and/or multisite feature)?

A facility having 5 providers will need five openemr databases and 5 instances. Wont it be a bit cumbersome? Wont it slow down the openemr a bit due to so many databases hitting the same server?? @brady.miller

A solution may be in using the care team in demographics to determine patient sharing. Not sure why care team is there but perhaps setting up care team assignments in users or a separate care team widget. Could leave provider permissions alone and have primary add or delete to the team.

nice thought, looks like @zhopenemr may have added this when they contributed their portal?

edit: it was added openemr/4_2_0-to-4_2_1_upgrade.sql at master · openemr/openemr · GitHub

@arnabnaha ,

In this case, wouldn’t be performance issues (servers aren’t limited by the number of openemr instances, but more by the traffic of use of OpenEMR). But agree would be cumbersome to manage separate instances, especially, if there needed to be patient sharing of records. However, if each physician is meant to be it’s own entity and patient sharing of records is not allowed, then doing this may make sense. Really depends on the specific goals.

The care teams approach seems promising and flexible, and also lends itself to inpatient support, which is part of OpenEMR’s roadmap.

-brady