Hello, I am very new to openemr, but from the little I have seen I find it very usefull and handy program.
I want to setup a system to manage multiple doctors’ offices. Each doctor will have his own account in openemr and should be able to add his own patients and appointments. Also each user will have his own facility to see his patients. So far I have easily managed to do that, but the doctors’ accounts are able to create patients and appointments and assign them to a different doctor. As you can tell this is not a desirable outcome and can cause many problems when the system goes live. Is there a way to restrict access for the doctors (non-admin accounts) to be able to see only their patients and appointments?
Sounds like you may want to look into the multi-site module. This will allow you to configure separate databases per provider but still share the same codebase.
It is an interesting solution but not very handy. It needs too much HDD space because of the many copies of sites and databases. Also having to create new databases each time we want to add a new doctor is not something I can trust an employee to do. Thank you very much for your concern!
I have tried that but it doesn’t seem to work. Maybe I need to do anything else? I provide some screenshots. In 1 and 2 you can see the permissions, and in the 3rd you can see that Doctor1 can assign a patient to Doctor 2 and Administrator.
Why not exclude Demographics Write also to the right side screen… only than the Administrator has to do all the changes in the Demographics of the Client. Another option could be the Multi Facility setup of OpenEMR.
If you are located in the U.S., you’ll want to consider multi-site for HIPAA & security reasons. Also, the disk space used is really not much, and storage space is cheap.
I do not live in US. The multi-site feature will be my last solution. Right now the goal is each doctor(provider) to not be able to see the other providers’ names in the appointment creation, nor in the calendar. In other words, the drop down menu in provider and facility should contain only the user’s name and facility. Ofc the same should happen with the patients.
Hello. I am also interested in a solution to restrict the patients a doctor can see. As it is now, it could cause data privacy concerns. Maybe a group of doctors will be able to share patients inside the group, but not outside. Let me know if anyone has a solution for that.