tmccormi wrote on Monday, April 20, 2009:
We have customers with multiple facilities. They are sharing one instance of OpenEMR.
One requirement for both HIPAA and ease of use was to limit the patient access to just those patients that "belong" to a specific facility.
To do that Aron implemented some changes to the system that prevent the FIND/Search features from displaying patients use "Assigned Clinic" is not equal to the users facility default.
We added these options to the globals.php file:
// comment these params to avoid restricting patient search by user table attribute
$GLOBALS[‘pt_restrict_field’] = “userlist3”;
$GLOBALS[‘pt_restrict_admin’] = false;
$GLOBALS[‘pt_restrict_by_id’] = false;
Userlist3 has a map in the Lists table to the Facility ID in the facility table. It would be better if the patient_data allowed for a facility choice just like the provider choice.
The other two options allow for the user=admin to be restricted or not and lookup by ID to be restricted or not.
The logic behind the ID restriction is to allow for a patient to go to the "other" clinic if necessary and then they can be looked up by ID if needed.
The limitations are superficial, but meet the need.
Would the community be interested in this change?
Would the community consider added a standard field to patient_data for facility assignment?
Would it be better to enhance the ACL to handle this with real access limits down the road?
Tony