I think ‘Move Document to Category’ and ‘Move to Patient #’ should be available only to admin or few users. With my experience I see my nurses are moving lot of documents here and there, and concerns security.
Is there a way we can restrict them not to move them to different folders or different patients.
Using this logic, would same restructions be placed on moving documents in and out of OpenEMR via local drives and health information exchange services?
Yeah, the ACL could use more specific restrictions, and fewer broad ones. I wish every feature was turned on by specific ACL funtions :) I REALLY wish that encounters were not always “authorized” just because someone is a provider. That screws it up for having supervised providers, and makes it so that anyone that is a provider and makes a fee sheet, the fee sheet is automatically authorized, when it would be REAL GOOD if fees were not authorized until the fee sheet reviewer/biller scrubs them for errors.