Name | Value |
---|---|
NAME | DG SENSITIVE RECORD ACCESS |
TAG | PTSEC |
ROUTINE | DGSEC4 |
RETURN VALUE TYPE | ARRAY |
AVAILABILITY | PUBLIC |
APP PROXY ALLOWED | Yes |
DESCRIPTION | This Remote Procedure Call (RPC) will: - Determine if user accessing a sensitive record or an employee's record. - Verify user is not accessing his/her own Patient file record if the Restrict Patient Record Access (#1201) field in the MAS parameters (#43) file is set to yes and the user does not hold the DG RECORD ACCESS security key. If parameter set to yes and user is not a key holder , a social security number must be defined in the New Person file for the user to access any Patient file record. |
INPUT PARAMETER |
|
RETURN PARAMETER DESCRIPTION | RESULT(1) = -1-RPC/API failed DG SENSITIVE RECORD BULLETIN RPC to update DG Security Log file and generate Sensitive Record Access mail message. Sensitive - not an inpatient and not a key holder or Employee/not a DG SECURITY OFFICER key holder 3-Access to record denied Accessing own Patient file record 4-Access to Patient file (#2) records denied SSN not defined RESULT(2-n) = error message or warning/Privacy Act message. Error and warning messages will begin in RESULT(2) array. The Privacy Act message Required variable not defined is the longest message and will utilize RESULT(2)- RESULT(8). If RESULT(1)=1, the DG Security Log file is updated. If RESULT(1)=2, the user must acknowledge they want to access the restricted record and the application must call the DG SENSITIVE RECORD BULLETIN RPC to update the DG Security Log file and generate the Sensitive Record Access mail message. 0-No display/action required Not an employee, not sensitive or not accessing own Patient record 1-Display warning message Sensitive - inpatient or a DG SENSITIVITY key holder or Employee and DG SECURITY OFFICER key holder 2-Display warning message, require OK to continue and call |