salinimt wrote on Tuesday, December 29, 2015:
Is it possible to set the permission for a user to see only one or two patients. Ie, Permssion based on individual patients. Not by entire patient. In checked in ACL. But there is no option for that.
salinimt wrote on Tuesday, December 29, 2015:
Is it possible to set the permission for a user to see only one or two patients. Ie, Permssion based on individual patients. Not by entire patient. In checked in ACL. But there is no option for that.
visolveemr wrote on Tuesday, December 29, 2015:
Hello Salini
This can be achieved through customization of code.
It can be implemented by providing access to only those patients for whome, the current logged in user has been saved in the ‘Refering Provider’ field. So, a user can see only the patients with referring provider as themself.
Thanks
OpenEMR Customization/Support Team,
ViSolve Inc
services@visolve.com | Phone: 408-850-2243
Demo’s @ ViSolve Demo Library
fsgl wrote on Tuesday, December 29, 2015:
To hide Encounter or Encounter History, see this.
tmccormi wrote on Tuesday, December 29, 2015:
We’ve done this. We created groups that the user can be assigned to and then assign the patient to that group. It only effects the paient search/finders at this point.
I’ll see if I can pull the code and share it, it’s in a custom project that has lots of other mods though.
bradymiller wrote on Thursday, December 31, 2015:
Hi,
Another way to code this would be to do what was done to control access to CDR rules (and also what Kevin was working on to control access to document categories). Can have option to assign a patient an aco object in the patient_data table(making it blank would be open to everybody), and then could use the php_gacl ACL controls to control access to the patients (and use acl_check() in code when see if a user should have access to the patient).
-brady
OpenEMR
tmccormi wrote on Thursday, December 31, 2015:
That would be useful for the class of “VIP Patients” but putting acl check in every case where that patients data could be viewed, onscreen or in any SQL query/report will be a daunting task.
We’ve only done this for the (too many) places where you can search for a patient.
tmccormi wrote on Thursday, December 31, 2015:
heck not even all of those, since there are many lookups in places like Calendar and Documents.
bradymiller wrote on Thursday, December 31, 2015:
Hi,
Could instead focus on more critical places like the patient summary and other places where acl checks are done for things with the aco section ‘patients’. Then could migrate it further upstream if needed (when show the patient list).
Could consider:
-Make a wrapper of acl_check() called acl_check_patient($patient_id) that basically grabs the aco_control column(acos array stored in json) from the pertinent patient_data row and runs the acos stored there through acl_check(). This way could assign multiple ACO’s to each patient.
-Regarding the ACO’s for the patients, would make a new aco section called ‘pat_access’ (something like that) that is like the ‘lists’ section(ie. a ‘default’ one and then maybe a ‘sensitive’ one as a starting point). This would allow any desired combination of customized access controls per patient.
-Then would place the ACO selector element in the patient demographics gui that allows multiple select of the aco items only in the ‘pat_access’ section.
-Then it’s just a matter of incorporating the acl_check_patient() where it’s needed in the codebase.
-And of course a global to turn this feature off(would place this in the acl_check_patient() function).
-brady
OpenEMR
aethelwulffe wrote on Thursday, December 31, 2015:
We have dem fields where there are different treatment programs listed. These are flagged on or off. In each program, there is an assigned clinician for each. If the ACL doesn’t allow full access, then access is limited to the users that are listed under the different programs. Most of those users can also only access their own encounters within a program.