What is the context?
Security Policies govern different aspects of data security in Meddbase. Each policy type (or certificate) governs a set of user permissions.
These permissions determine if/how users will be able to interact with data protected by a given policy or certificate, e.g. Company record protected by a Company Policy; Patient record protected by a Patient Policy.
Many permissions need to be used in conjunction with permissions governed by other certificates e.g. Company Certificate(s).
What is the purpose of the article?
This article provides a detailed description of user permissions governed by the Patient Certificate(s)
Permissions
Permission | Description |
---|---|
View Patient Demographic |
Allows users to search for patients and access their record page. The only actions this permission enables on the Patient's Record page are: Collaborate, Assign Task, Contact patient via Email or SMS, view Appointment History, write in their Message Feed. (Please note - This permission also requires granting the View Company Summary Record governed by the Company Policy.) |
Modify Patient Demographic | Adds users' ability to view and modify patient's Personal Details e.g. Date of Birth or Address. |
View Patient Medical Record |
Adds users' ability to view the patient's Medical History and navigate to an individual Appointment Home Page. Also adds users' ability to visit the Documents section on the patient's record. (Please note - Viewing and interacting with individual documents requires permissions on the Document Policy assigned to respective documents e.g. View document - to view document list; Download document - to see document preview etc.) |
Modify Patient Medical Record |
Adds users' ability to log information in the patient's Medical History, navigate to an individual appointment's Consultation page and add/remove information on a Clinical Form. |
View Patient Accounts | Adds users' ability to access the 'Eligibility and Cases' section and create a case, and access the 'Accounts' sections of the Patient's record page. |
Modify Patient Accounts | Adds users' ability to add an authorisation in the 'Eligibility and Cases' section, add payments and mark invoices as sent in the 'Accounts' section of the Patient Record. |
Book Appointment for Patient |
Adds users' ability to book an appointment for a patient via Schedule, via Slot Finder and book a Walk-in Appointment. (Please note - This also requires the View Company Charge-bands and Service Prices and the View Services permissions granted on the relevant Company Policy.) |
Make Pathology Lab Request |
Adds users' ability to request Pathology from the respective laboratory. (Please note - This also requires the permissions to View Patient Demographic and Modify Patient Medical Record granted on the relevant Patient Policy.) |
Refer Patient |
Adds users' ability to refer the patient to an internal or external specialist. (Please note - Completing a referral also requires the View Document and Modify Document permissions granted on the relevant Document Policy.) |
View Patient Activity |
Adds users' ability to view the activity on the Patient Record e.g. page views, changes to the record etc. |
Delete Patient Record |
Adds users' ability to delete a patient's record. (Please note - Deleting a patient's record does not permanently remove it, but rather changes the status of the record to 'Deleted'. Deleted records can be restored.) |
Make Prescription |
Adds users' ability to prescribe a drug to the patient during a consultation. (Please note - Only a Medical Person can prescribe drugs.) |
Can View Referrals |
Adds users' ability to view the Patient's referrals. (Please note - This also requires the View Company Referrals permission granted on the relevant Company Policy.) |
Can View Contacts |
Adds users' ability to view the patient's contacts. |
Can Modify Contacts |
Adds users' ability to add, edit or remove patient's contacts. |
Can Share Message-Feed Messages With Patient/Employer |
Adds users' ability to share messages written in the message-feed on the patient's Record page with the patient via the Patient Portal and/or with the employer via the Referral Portal. |
Can Share Medical History Events With Patient |
Adds users' ability to share various elements of the medical history timeline with the patient via the Patient Portal. (Please note - Sharing documents with the patient via the Patient Portal or the patient's employer via the Referral Portal is governed by the Can Share Documents With Patient/Employer permission on the relevant Document Policy.) |
Can View Prescription |
Adds users' ability to view patient's prescriptions. |
Can Wipe Patient |
Adds users' ability to permanently remove a patient record after it had been 'Deleted'. (Please note! Wiping a patient involves permanent loss of data. If done by mistake, please contact Meddbase support immediately.) |
Can Merge Patient |
Adds users' ability to merge duplicate patient records. (Please note - Duplicate records are identified based on First Name, Surname and DOB matching. Record merge is permanent.) |
Can Close Case |
Adds users' ability to close an open case along with all related episodes (clinical forms). |
Can Reopen Case |
Adds users' ability to re-open a closed case, thus restoring the ability to edit episodes related to the case. |
Can View Clinical Case Name |
Adds users' ability to view Case Names in the 'Eligibility and Cases' section of the patient record. (Please note - If the View Patient Medical Record permission is granted, it supersedes this permission and allows viewing Case Names along with the rest of the medical history.) |
Can Assign Policy |
Adds users' ability to assign this policy to a patient record. (Please note - Having this permission granted on a Patient Policy is necessary for creating patient records.) |
Can Un-assign Policy |
Adds users' ability to un-assign this policy and switch over to an alternative certificate. (Please note - This requires the Can Assign Policy permission granted on the alternative certificate.) |
Review date
This article was last updated on 29th October 2024.