OpenMRS doesn't (yet) have data-level permissions, including patient-specific permissions. The restrict-by-role module<https://modules.openmrs.org/modules/view.jsp?module=restrictbyrole> is an attempt to restrict patient access by role. Adding this robustly to the platform will likely require some significant changes in the API, like adding an institution attribute to each data table and the API's Context.
We should be logging patient access; however, I don't know that it's being done in a manner that would make it easy to look up who has viewed a patient's information. This would be a great addition to the platform. -Burke On Sat, May 12, 2012 at 12:19 PM, Ali Habib <ali.ha...@irdresearch.org>wrote: > Hello all, > > Is it possible to have patient level access permissions (so that if I work > say, in province X, I can't view patients from province Y). Alternately, is > there some way to track who has viewed a given patient record? > > This is coming from a potential project where the users have concerns > about the ethics of patient access. At the minimum, they want to be able to > see who has viewed a patient record. Does anyone have ideas about whether > this is currently possible in OpenMRS? Or how best to go about coding this > in? We're not currently tied to a particular version of OpenMRS. > > Thanks! > Ali > -- > Ali Habib > Director, Informatics > Interactive Research and Development > Ph: +92-21-34327697 > ali.ha...@irdresearch.org > http://www.irdresearch.org > > ------------------------------ > Click here to > unsubscribe<lists...@listserv.iupui.edu?body=SIGNOFF%20openmrs-devel-l>from > OpenMRS Developers' mailing list _________________________________________ To unsubscribe from OpenMRS Developers' mailing list, send an e-mail to lists...@listserv.iupui.edu with "SIGNOFF openmrs-devel-l" in the body (not the subject) of your e-mail. [mailto:lists...@listserv.iupui.edu?body=SIGNOFF%20openmrs-devel-l]
