Integration of Role based Access
Introduction to Integration of Role based Access
One of the overarching privacy principles in the CAISI Project is that agency staff only have access to records that are relevant to the care that they provide. This is true of the information accessed by a provider in their local agency, but it also extends to information viewed from a remote agency.
High Level Requirements
- A community of agencies will possess a community list of staff roles. An agency can define any role it wishes; however, in order for a staff person to have access to integrated information, they must have one of the agreed-upon community roles.
- A provider can view remote records only according to their community role and the rules that the community sets for what records a provider with that role can view.
- A local agency can freely define roles within their agency and what those roles can or cannot view of their local information.
- Health Information Custodian (HIC) status can be defined in the integrator (centrally).
- Rules governing which community roles in which agencies can see what information can be controlled centrally in the integrator.
Definitions
Local (e.g. agency)
This refers to the agency where the staff person is currently working. The staff person is presumed to be logged into the agency where he/she is currently working; this is the local agency.
Remote (e.g. agency)
This refers to the non-local agency whose data the local agency staff person is able to view. Remote agency data is viewed through the integrator.
Background
Community Roles and access rights
Community Role Category | Community Roles | Access to remote PHI | Comments |
---|---|---|---|
Health Care Team | Psychiatrist, Doctor, Registered Nurse, Clinical Social Worker, nurse (don't use this role), recreation therapist, Registered Practical Nurse, Nurse Manager, Clinical Case Manager | Yes | Access for the provision of health care |
Clinical Support Staff | Clinical Assistant, Medical Secretary | Yes | Access for the provision of health care |
Support staff | Secretary, Receptionist, Support Worker, Client Service Worker, Property Staff, CSW, Support Counsellor | No | |
Social Services Team | Housing Worker, Counsellor, Case Manager, Waitlist operator | No | |
Technical/IT support staff | System Administrator | Conditional | IT staff may require access to data for the purpose of providing technical support or systems maintenance |
Agency’s Privacy Officer | | Conditional | Privacy Officers may require access to data for the purpose of auditing compliance and following-up on requests for access, requests for corrections, complaints and breaches. |
Ombudsperson | | Conditional | No access to data from CAISI system. May have information received directly from client. |
Integration Rules for Progress Notes
The following table indicates which role category can see notes written by which remote role category.
Table 1.2 Rules for viewing remote progress notes
How to read table 1.2:
- HIC and Non-HIC agency staff role categories are listed down the left column
- If you follow a staff role category across from left to right you can see which progress notes written by which role category from a remote agency can be viewed by this staff role. For example:
  - HIC health care team staff can read notes written by: HIC health care team, clinical support staff, support staff, social services staff, agency privacy officer and non-HIC support staff, social services staff, agency privacy officer
  - non-HIC social services staff can read notes written by: HIC clinical support staff, support staff, social services staff, agency privacy officer and non-HIC support staff, social services staff, agency privacy officer
  - HIC agency support staff cannot read PHI written by HIC health care team
  - none of the non-HIC staff can read any progress notes written by any of the HIC health care team staff. They can however read notes written by HIC non health care team staff. E.g. a non health care team social worker at a non-HIC can read progress notes written by non-health care team social worker in a HIC.
Integration Rules for Issues
Table 1.3 Rules for viewing remote issues
How to read table 1.3:
- As background one must note that issues in and of themselves regardless of who assigned them are characterized by role type classes: e.g. issues are categorised as doctor issues (e.g. ICD-10 codes), nurse issues (e.g. Street Health nurse codes) or counsellor issues (e.g. City of Toronto Case Management Manual issues).
- HIC and Non-HIC agency staff role categories are listed down the left column
- If you follow a staff role category across from left to right you can see which types of remote issues can be seen by which role category at the local agency. For example:
  - HIC health care team staff can read doctor, nurse and counselor issues
  - HIC social service team staff can read only remote counselor issues
  - non-HIC social service team staff can read only remote counselor issues
Comments
- In this scenario, it would be possible for a doctor to note that a client has a 'housing issue' and for a remote HIC non health team counselor to see this 'housing issue' but not see any notes related to it. Presumably that would be acceptable as that HIC counselor would be able to see counselor issues written by a doctor at that site even though they are not part of the health team.
Integration Rules for Prescribed Medications
Table 1.4 Rules for viewing remote MD Prescribed Medications/Prescription and Prevention Data
Comments
1. An other agency privacy officer (non-HIC Agency) may need to have access to medication or health information in the event of a breach that results in health information being wrongly available in the other agency.
How to read table 1.4:
- This table can be read in the same manner as table 1.2
- Here we see that for example information on medications that have been prescribed by physicians in remote agencies can only be seen by the health care team staff and the Clinical Support Staff.
Integration Rules for Remote Referrals
Table 1.5 Rules for viewing remote Referrals
How to read table 1.5:
- This table can be read in the same manner as table 1.2
- Here we see that referrals can be seen by all staff that are able to view remote data, that is, Health care team, Clinical Support staff, Support Staff, and Social Services staff in both HIC's and non-HIC's.
Integration Rules for Searches of clients
Table 1.6 Rules for viewing remote client search results
How to read table 1.6:
- This table can be read in the same manner as table 1.2
- Here we see that searches can be seen by all staff that are able to view remote data, that is, Health care team, Clinical Support staff, Support Staff, and Social Services staff in both HIC's and non-HIC's.
Requirements
- It should be possible to label or categorize agencies as HIC's or non-HIC's centrally within the integrator. Editing of this should only be possible by an authorised person. This might be done in a configuration file or some other place that can be set up by an IT person with the aim that perhaps later it could be done through a user interface by an integrator administrator.
- Viewing of remote records should be governed by the rules described in table 1.2. This should be controlled by the integrator. It should be possible to change these rules periodically. The rules can be implemented by a programmer within the code base (e.g. with if statements), but preferably they live in a configuration file that can be changed without releasing new code, with the view that this might eventually lead to an administrator user interface.
- Hierarchy of role based access governed by integrator:
  - Integrator separates integration of information between HIC's and non-HIC's. Information cannot be viewed between HIC's and non-HIC's.
  - Specific role based access described in table 1.2-1.5 between HIC and non-HIC agencies will be allowed.
- Agencies must use commonly agreed upon role names in order for integration to work through the integrator. These roles are defined here: Detailed Lists of Role Based Information
- A HIC could allow social services staff to view local health team records, or to otherwise follow different role based access rules; however, remote record viewing will be forced to follow the rules as set in table 1.2. E.g. a HIC agency might allow social services staff to view local health team records from that agency, however the social services staff would never be allowed to view remote health team records.
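
The configuration-file approach in the requirements above can be sketched as a default-deny lookup. This is an added example, not CAISI code: the agency names, JSON layout and function names are assumptions, and only the two Table 1.2 rows spelled out on this page are encoded.

```python
import json

# Constructed configuration. Agency names and the JSON layout are assumptions;
# the two rule rows are the ones this page spells out for Table 1.2.
CONFIG = json.loads("""
{
  "agencies": {"clinic_a": "HIC", "clinic_b": "HIC", "shelter_c": "non-HIC"},
  "role_category": {
    "Doctor": "health_care_team", "Registered Nurse": "health_care_team",
    "Medical Secretary": "clinical_support", "Receptionist": "support",
    "Case Manager": "social_services", "Housing Worker": "social_services"
  },
  "progress_note_rules": {
    "HIC/health_care_team": [
      "HIC/health_care_team", "HIC/clinical_support", "HIC/support",
      "HIC/social_services", "HIC/privacy_officer",
      "non-HIC/support", "non-HIC/social_services", "non-HIC/privacy_officer"],
    "non-HIC/social_services": [
      "HIC/clinical_support", "HIC/support", "HIC/social_services",
      "HIC/privacy_officer",
      "non-HIC/support", "non-HIC/social_services", "non-HIC/privacy_officer"]
  }
}
""")


def _key(agency, role, cfg):
    """Return '<HIC status>/<role category>', or None if either is unknown."""
    status = cfg["agencies"].get(agency)
    category = cfg["role_category"].get(role)
    if status is None or category is None:
        return None  # unregistered agency, or not an agreed community role
    return f"{status}/{category}"


def can_view_remote_note(viewer_agency, viewer_role,
                         author_agency, author_role, cfg=CONFIG):
    """Default deny: allow only pairings the central rule table lists."""
    if viewer_agency == author_agency:
        # Local viewing is governed by the agency's own roles, not this table.
        raise ValueError("not a remote record")
    viewer = _key(viewer_agency, viewer_role, cfg)
    author = _key(author_agency, author_role, cfg)
    if viewer is None or author is None:
        return False
    return author in cfg["progress_note_rules"].get(viewer, [])
```

A viewer category with no row in the rule table is denied, and a locally defined role that is not in the community list never reaches the rule lookup.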