1 / 23

AOHC Privacy Meeting Jan. 30 th , 2013

AOHC Privacy Meeting Jan. 30 th , 2013. Security Roles. AOHC Standard User Roles Nightingale has worked with AOHC to create a list of standard user roles (Administrator; Super User; Ordering; Non-Ordering)

misae
Download Presentation

AOHC Privacy Meeting Jan. 30 th , 2013

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. AOHC Privacy MeetingJan. 30th, 2013

  2. Security Roles • AOHC Standard User Roles • Nightingale has worked with AOHC to create a list of standard user roles (Administrator; Super User; Ordering; Non-Ordering) • Nightingale creates these initial user roles and assigns to each active provider based on the Needs Analysis completed by each centre. • Administrators at each centre are trained on how to create additional user roles and alter existing user roles and assign to users accordingly. • Enterprises with multiple locations can grant a user access to the multiple locations with varying user roles, as well as restrict access to the multiple locations.

  3. User Role

  4. Client Consent • Client consent can be recorded as a CPP medical alert • Information is visible on first opening the client’s chart. • Always available in the chart header • Updates to the medical alerts are tracked in the audit log, who updated, when and what was the update.

  5. Client Consent • Medical alerts can also be updated by moving the current alert to past history and creating a new CPP Alert. • Moving previous versions of the consent to past history will keep a historical record of the changes to consent. • Both options are tracked in the client’s security audit log.

  6. Consent audit log

  7. OLIS Consent • OLIS consent • Client are able to block their data, remove consent, or require consent from a provider to access their data through OLIS. • Client can remove consent at the test result level or report level. • Providers will be identified on the lab reports, if requesting provider is not the ordering, attending, admitting or copy-to provider then they will not see the result unless client gives consent. • Providers can send a consent override by selecting the Consent Override check box, Choose whether consent was from patient or substitute decision maker. This activity is tracked in the OLIS Query Audit Log.

  8. OLIS Consent

  9. OLIS Report Blocked • Before Consent Override • After Consent Override

  10. OLIS Lab Result Blocked • Before Consent Override • After Consent Override

  11. OLIS Query Activity Log • OLIS activity log within NOD can be searched by provider, user, or type of query.

  12. System Audit Log Access • User/Client audit logs • Administrators are given the access rights to run audit logs • User audit log • Client audit log

  13. System Audit Log Print/fax Log • Printing Rx, Labs and Referrals letters show in the audit log as additions to the client’s chart.

  14. Data Extract • when you run a data export from NOD the user and date the export took place is tracked in the audit log.

  15. Release of Information Tracking the release of information • Written Consent is scanned into the client’s chart • Verbal Consent • Note verbal consent on a referral letter within the Consultant Notes of the letter template.

  16. Lock Box CHC Enterprise Each CHC is set up as their own NOD Enterprise and does not have access to other NOD Enterprises. Each Enterprise has access to the charts within their Enterprise only. Masking a client record • Users who have the user rights to mask data can access the record locking feature. • Individual sections of the clients chart can be locked

  17. Lock Box • Users can mask the data element from all users except self ; mask from specific user roles; or individual users.

  18. Lock Box cont • Only users with the ability to unmask can unmask data. • If unmasking data it is required to enter the length of time to unmask and a reason. • Masking and unmasking is tracked in the client’s audit log or a user audit log.

  19. Masking cont Masking and BIRT • If data is masked from any user within the CHC Enterprise that data will not be sent to BIRT.

  20. Updating Client Data Client requests an update to their chart • Addendums can be added to a clinical note. • Deleting data from a client’s chart requires a reason for deletion. All tracked in the audit log. • Communication between a Centre and a client can be logged with the phone icon.

  21. System Security • Each user has the ability to set their NOD Dashboard settings to automatically log off after so many minutes. • Clinical lists created per provider are managed per provider, if one provider updates their list this does not affect the other providers.

  22. Privacy/Security Incident Management

  23. Question and Answer

More Related