The ACL (access control list) is not set up to easily restrict individual elements in (given example) demographics fields. You would have to make a new ARO (access control object) and give it a name like “license”. Then in the code that echos (prints) the value, the code has to make an “if” statement that asks with the function if(acl_check(‘admin’, ‘license’){echo($dl_number)}; else{echo("***-**_****")}; I am not sure where the function acl_check() is typically called for allowing you to navigate to certain sections or view certain data in the EMR. Typically, the ACL in OpenEMR is just used in broad strokes (“you can’t see this page at all”) instead of in detail (“You can see the page, but just not this value out of the database”). It is not set up in a very comprehensive way, because detailed control takes quite a bit of coding.
There is a problem with this item specifically, meaning ssn and license. The code that prints the demographics basically checks to see if you have access to demographics, then displays everything in the database table. For subscriber ssn, it is different. There is specific code that says “print subscriber ssn”. You could do the acl check before that statement, but everything in patient demographics is kinda optional. I myself took license and ssn out of demographics, because there is little reason to have that data! In fact, some patients refuse to allow you to have their drivers licenses to scan or take data from, and in many circumstances, they are completely correct. Subscriber ss may be a required field for some insurance companies, but medicaid and the like don’t use it. I am not sure if it is even included in an 837. If we need an ssn, we use a “mock” version.
Really, you might consider just not tracking that data, and deleting the database fields that contain it.