Patient Access Security Groups and Document Security Codes

From Galen Healthcare Solutions - Allscripts TouchWorks EHR Wiki
Jump to navigation Jump to search

Problem:

Some state laws require that the behavioral health notes can be accessed by no one, at all, who is not associated with the behavioral health division.

Some state laws also require that clients monitor who is accessing VIP charts.


Question:

How do you set up the security so that users are able to access VIP patients, who may also have secure Behavioral Health documents, without allowing them to see the secure documents?

Answer:

Scenario 1

  • VIP patients are in the VIP Patient Access Security group, which has a ‘VIP Patient Access Security Group’ security code.
  1. No users (except maybe providers) would have this code assigned to them.
  2. All users that do not have this code would have to type in their password to override security and their actions would be audited while in that patient chart.

Scenario 2

  • Behavioral Health documents have a security code assigned to them.
  1. Only users that work in the Behavioral Health department would have the Behavioral Health Document Security Code assigned to their usernames. They are able to see these documents with no ‘visible’ security restrictions when accessing the chart.
  2. Users that do not have the Behavioral Health security code, but do have “Break Glass” security, can override the security on these documents by activating Break Glass. They would see the [R] in the patient banner, and the Break Glass button in the patient banner.
  3. Users that do not have the Behavioral Health security code and also do not have Break Glass security would be unaware that there are additional ‘secure’ documents in the chart.

Scenario 3

  • Patients that have both Behavioral Health documents and are also in the VIP Security group :
  1. Users with the VIP Security group code and Behavioral Health document security code would be able to access the chart without invoking additional security, as well as the ability to see the secure Behavioral health documents without additional security.
  2. Users with the VIP Security group code and Break Glass, but without Behavioral Health Security code, would be able to access the chart without invoking additional security, and would be able to break glass to see the secure Behavioral health documents
  3. Users with VIP Security group code, but without Break Glass security, and without Behavioral Health document security code, would be able to access the chart without invoking additional security, but would not be able to see the Behavioral Health documents.
  4. Users without VIP Security group code, but with Break Glass, and without Behavioral Health document security code, would need to invoke additional security to access the chart, and Break Glass to access the Behavioral Health documents.
  5. Users without VIP Security Code, without Break Glass, and without Behavioral Health document security code, would need to invoke additional security to access the chart, but would not be able to see the Behavioral Health documents.

Links

Back to Security

Retrieved from "https://wiki.galenhealthcare.com/index.php?title=Patient_Access_Security_Groups_and_Document_Security_Codes&oldid=14672"