|
| From: | James Busser |
| Subject: | Re: [Gnumed-devel] Better-supporting staff and other non-patient persons |
| Date: | Sun, 14 Sep 2008 21:32:20 -0700 |
On 14-Sep-08, at 12:39 AM, Sebastian Hilbert wrote:
Just for personal interest where within GNUmed do you need these persons. Do you think about creating a login role for them or do you need them a doctorstaking over responsibility for lab results ?
Could be either or both.On the question of having to enlist staff (or people needing logins) as "people" there is a problem and not just for me.
Each month I get 2 apprentice doctors ("medical residents) who work with me. Occasionally there is a medical student. I have it on good authority who they are, I get a letter from the Dean's office or Postgraduate training program and besides I often already know them from hospital work. I do not employ these people, but I would need to give them access. Presently if I would look them up in the large hospital system, I would see only their status (medical student or medical resident) and their license number, but not their dates of birth or other personal details.
These people are typically with me for a month. Without an EMR, I do not seek from them their dates of birth nor the address where they are living. Only some contact numbers (pager, cel, maybe home phone) and email address. Both they and the administration would probably judge me a bit strange to insist that I need a date of birth. Unless the schema is made smarter, I shall need to put in dummy dates of birth as well as suspected genders.
There is also the question of protecting the staff's personal information. By making them part of the database, including their personal information becomes exposed throughout GNUmed. Yes, I know, individuals getting their health recorded in GNUmed will have potentially more sensitive information, however some of the staff may get their care in GNUmed, and even those who do not may not want their dates of birth and phone numbers and information like address and contact numbers accessible to anyone and everyone in the praxis, including temporary staff. Among people working together on a daily basis there as much or greater need for privacy.
Perhaps everyone else lives among people who are honourable. However in my class of 100 medical students, the behaviour of more than one have been described to me as quite concerning and I trust that at least one had a restraining order levied against him.
Therefore if I would hire a young woman, say the teenage daughter of a staff member or colleague, I would be concerned that I needed to protect her information, At minimum, if their record came up in a GNUmed query and if it were to be selected, I would at minimum want the software to recognize when the individual was a member of staff (or other "sensitive" person) and I would need the dialog to say:
You have selected a <member of staff <<or>> <person over whom there are privacy concerns>. If you proceed to activate their record, this activity will be logged. Do you wish to continue?"
For GNUmed 0.3.x I would be satisfied with the alert though it be an empty threat. For GNUmed 0.4.x I would propose that at least a single record per user activation of a patient where subsequent accesses do not need to create a new record, the subsequent accesses would simply increment the total accesses say in past 30 days and would refresh the last_accessed date-time stamp (leaving alone the first-accessed datetimestamp filed).
I have a lot of experience with requirements for privacy in official capacities and this minimum capacity can let GNUmed be used in many more places than would be permitted without such a capacity. This would hopefully strike a balance against Karsten's reasonable concern that short of video capture of user and screen nothing is perfect, also the impracticality of logging and storing *everything*, against the legitimate need patients may have to know which person(s) in the praxis have been accessing their record. It would also be useful when there is no question of bad behaviour and only a question of who may know something helpful about a patient when they may have been glancing the record without having left the telltale sign of having written anything new. This could help to know "well, Dr X may not have left any instructions, but I do know he or she was at least looking at your record earlier today or yesterday so there is a good chance he/she may be aware so maybe we can just wait until we can contact them about this later today or tomorrow.
| [Prev in Thread] | Current Thread | [Next in Thread] |