Restrict Data Access to Assigned Patients

altarity wrote on Wednesday, August 23, 2006:

I posted this in the user forum, before realizing it might be better answered here. Hope this is ok.

I have the need to schedule and track appointments/encounters at a large number of clinics that are part of an extended service network. Is there anyway to restrict access to individual patient data based on either Provider or Clinic?

I’ve got an inkling of the sql changes that would need to happen, but would rather not re-invent the wheel if someone has already tackled this.

sunsetsystems wrote on Wednesday, August 23, 2006:

I think the normal approach is to install a separate OpenEMR instance for each clinic.  Is there a compelling reason not to do that?


altarity wrote on Wednesday, August 23, 2006:

My client is a small startup that contracts with different providers across the country to provide patient aftercare for a a specific surgical procedure. The patients are my client’s customers. Through an agreement with the providers the patient can visit any of the participating clinics and pay the same price for aftercare procedures. In reality any single provider will only be providing care for a very small subset my clients customers.

In most cases the clinics already have some sort of software managing their clinic.  My client would like to track appointments, encounters and billing for their customers only.  The patients sign an agreement that their information can be shared with any provider in the network, but in reality my client restricts access of the patient history to assigned providers.  OpenEMR seems like the perfect tool for my client, if we could get the little bit of additional functionality.

If this hasn’t been done before, I’m tempted to try it myself.  For this application, the functionality required at the provider level is a pretty small subset of the features of OpenEMR.I’m hoping this limmits the scope of changes that I would need to make. I’m not sure that my hacks would be applicable to the larger community, but I’ve never taken part in an OpenSource project, so I don’t know what the rules are.  Any suggestions on how to proceed are appreciated.


Ryland B.

sunsetsystems wrote on Wednesday, August 23, 2006:

You may want to become familiar with phpGACL and OpenEMR’s implementation of it – see library/ and acl_setup.php.  What might work is to create an ACO for each patient, and add an interface for easily assigning user rights to them.


markleeds wrote on Thursday, August 24, 2006:

If a patient is established on the first encounter with a particular provider, that patient will always see that provider only, regardless of the clinic location.  Is that correct?

What if the subset of patients ‘assigned’ to a provider were the only ones who would be visible to that provider?

One way to start would be to limit patient searches based on the ‘assigned’ provider (this is not a database field so it would have to be manufactured or added to the database).

Then, you would have to keep computer-savvy users from entering non-assigned patients in a url.

It’s an interesting problem and probably a useful feature some other users.

There will be many areas in the program that will need modification to make it fully functional and secure.  It should be an optional feature that can be turned on and off with a single switch.

It might also be useful to some to make individual or blocks of patient records temporarily available to other users in the case of referrals or coverage.

altarity wrote on Friday, August 25, 2006:

It’s possible that a patient will transfer care to another clinic location. 

Your approach is exactly what I had in mind. This is a simplistic overview:

1.  Add a "assigned_provider" field to the customer table.
2.  Modify the SQL for the Customer query so that we have "WHERE assigner_provider = $current_user" to limmit the search

I’m very new to OPENEMR, have a pretty good understanding of SQL, a rudimentary understanding of PHP.  I’m pretty sure that I could hack it, but I’m also pretty sure it would be ugly, and probably not terribly secure.

If others would find this feature useful, I am glad to contribute to the project anyway I can. 

samoilo wrote on Tuesday, November 07, 2006:

I also need to assign permits to the different users, so they won´t see each others patients.

It is essential for the application to protect confidentiality.

I tried to install and use phpGACL, but the documentation is not clear on how to install both packages. Do they use the same database?. Should I import one into another?

Thanks for any input.

bradymiller wrote on Wednesday, November 08, 2006:

Check out phpgacl howto page at:|outline
This page contains instructions for installing all the openemr components on Mandriva.

Other howto’s can be find on the wiki at:


bradymiller wrote on Wednesday, November 08, 2006:

I also forgot to mention. Rod’s OpenEMR Manual(‘Access Control’ section) link below will show how to use phpgacl in openemr:

I made a few file changes that allow doctors to see only their patients. Not always all doctors can see all patients…

Again I thought this is what See Authorizations is for!

Having just tested, doesn’t appear to be working! Did your modifications deal with this and how about contributing any fix you have back to the community ie new Pull Request.

hello can you share with me the file can restret docotor to his patient

Hello. Which version are you using? Can I access your system directly, or I have to access it thru your computer using Anydesk or Teamviewer?


we can use andydesk and version is openemr 6.1


The system costs U$D 165. You send me 65, I send the files, and when it works Ok, you send me the rest.

Is this Ok?


Sergio R. Samoilovich

Hello @kimi99
I’m curious if you are aware of the custom module called Patient Privacy discussed on the wiki here:

It is a very flexible and robust module that gives total control over which users may view and edit which patients’ health information.

Just scroll a little down the page for a brief illustrated demo of its capabilities and how to contact the developer.
Best- Harley

1 Like