We’re seeing an access issue with a new user added after we upgraded to v4.1.2(7) and Ubuntu 14.04.
Users who were in the system with Billing and Front Desk access were able to (and still can) see “Codes” for any patient in all 8 facilities from the billing view of Encounter History.
The new user sees “(No access)” in the “Codes” column for all patients outside our main facility, even with same access rights and Facility Specific User Information as other users.
Also, in the “Clinical View” the “Billing” column shows “(No access)” for the new user, although they have Billing access. The ACL (MYPhp Admin) has not been touched and appears to have only default (placeholder) values. TIA for any help.
-David
There is a heavy price to granting Front Office access to that part of Visit History. See attachment a.
“No Access” is stipulated by the script in openemr/interface/patient_file/history/encounters.php. See attachment c.
Alternatively, Line 518 can be altered to remove the 2 ACO’s, which I did not test. If successfully accomplished, it should be acceptable to leave the 2 coding ACO’s, if Front Desk does billing.
I am in agreement that the front office’s access should be guarded. I am moving ahead cautiously with all changes, and am just experimenting with my test system at present.
The front staff can still see the billing information for each encounter via the fee sheet, so it did not make sense why they are not shown the same information in the billing view, especially when it is a convenient billing snapshot. We often have insurance calling to verify invoices, and this saves our staff from clicking through various screens to collect the same information. They always had access to this up until the last major release of OpenEMR.