Access Control By Facility

(system) #1

mike-h30 wrote on Wednesday, September 07, 2011:

When using multiple facilities, is it possible to restrict a user’s access to patient data or patient encounters to only one facility?  Thanks.


(system) #2

bradymiller wrote on Thursday, September 08, 2011:

In Administration->Globals->Features, there is an entry ‘Restrict Users to Facilities’, and can then set the facility in Administration->Users. Note, there may be bugs with this feature and not sure if can limit patients (think it’s really mostly for scheduling). Another option is to create a completely separate instance of OpenEMR for each facility.

(system) #3

mike-h30 wrote on Thursday, September 08, 2011:

I would like to avoid creating a second instance of OpenEMR as the same patient would exist at both facilities thus creating data redundancy.

How about utilizing a custom field in patient demographics to assign a facility to a patient?  Then a user’s access control could be restricted to a specific facility right?

I will check out the “Restrict Users to Facilities” option in Globals.  Thanks Brady!!


(system) #4

bradymiller wrote on Thursday, September 08, 2011:


Depending on how the ‘Restrict Users to Facilities’ actually works. IF it works, then a good strategy may be to then make a ‘Restrict Patients to Facilities’ global that complements above, but does for patients (and the facility(s) for patient could be entered in demographics; could even store this in it’s own table since the patient_data table is getting close to being over-crowded). Obviously, this would require some development, but would be a useful feature(could even then extend this facility mapping table to other features such as tracking “sensitive” patients that require warnings when accessing etc.).



(system) #5

raimund-e wrote on Monday, September 07, 2015:

Hi guys,
am just starting to implement OpenEMR for a small clinic where several providers work independently and should only see their own patients.
I followed the instructions from the FAQ, but this only hides facilities from the calendar, while the complete list of patients is still visible for every provider.
In this thread Bill hinted at the option of using the user_facility table to theat end, so I also tried to play with that, manually entering | patient_data | 91 | 3 | , but this did not seem to have any effect.
Has anyone worked on this since 2011, or is it just unfinished code that needs more development?


(system) #6

fsgl wrote on Monday, September 07, 2015:

Are you able to use Multiple Sites for each practice despite the fact they are all under one roof?

(system) #7

visolveemr wrote on Tuesday, September 08, 2015:

Hello Raimund

To restrict the users list for the providers logged in, we may need to customize the code. The 'Restrict Users to Facilities ’ will not restrict the patients specific to the providers, as you mentioned this uses the user_facility table for its functionality.

Since Fine granularization is not available in OpenEMR ACL, we need to do code customizations to achieve the same.

OpenEMR Customization/Support Team,
ViSolve Inc | Phone: 408-850-2243
Demo’s @ ViSolve Demo Library

(Raimund Engel) #8

A much belated thank you for the answer. In a first step we are now implementing OpenEMR with completely separated instances, but will look into the problem again in the next phase. Then I might get back to you re. customization.

(Brady Miller) #9

Hi @RaimundE ,

On a related note, @ken recently brought in a very nice mechanism to create modules that can be used to restrict patients for users/facilities:

(Ken Chapple) #10

Hi @RaimundE Yes, Check out the sample module in tests/eventdispatcher which has the capability of filtering patients. The README has instructions how to install the module. This can be enhanced to filter by facility with some simple changes to the code to look at a facility/users query instead of a blacklist. We have implemented it for a couple customers. Good luck! Let me know if you have any questions.

(Raimund Engel) #11

Hi @brady.miller and @ken,
great to hear that you were able to work on that issue! With data protection becoming more of an issue, I’d assume that a lot of people will be interested.
I’ll forward this to our web developer and he’ll have a look at it after his vacation.