Security: How to Configure Desktop Security for Notes
This section provides an overview of the desktop security settings associated with notes in OnTarget Clinical.
Depending on how notes are implemented throughout a particular organization, security settings can be put in place to control how notes are made visible to the end users. There are options for controlling the visibility of notes in the system.
Access to notes can be controlled per role by going to the Security menu under the Configure Desktop. To get an understanding of which users will be impacted by the settings for a particular role, select a role and look at the user assignment. Under Desktop Security, there are three options when the notes section is expanded.
Show Only User’s Notes is more restrictive in that it permits the user to see only their notes. When in the notes desktop, and in the search notes grid, they will only ever have access to review notes that they have written, limiting them from seeing anyone else’s documentation. In this option, supervisors of notes will only see all notes in which they are listed as the supervisor.
Show All Notes opens up visibility to all notes, but taking into account the cost center assignment and the assigned clients rules. This option is often most helpful in team delivered service environments. This means that there is still some control over what notes are visible, since cost centers and/or assigned clients are being respected. For example, If the Only Show Assigned Clients is checked, then even in the Show All Notes mode, the user will only see the notes that are associated with their assigned clients. That is also true for the cost center rules. If a user is restricted to what cost centers they see client/employee information for, then they are still restricted to viewing only the associated notes for their cost centers when the Show All Notes option is checked. In this mode, users are presented with all notes for the clients and staff (with respect to their cost centers or assigned clients rules). Again, editing is still not permitted; users are strictly able to review the notes.
It is important to understand that there is an inherent rule in the system that dictates the note writer as the only person ever allowed to edit a note. That rule is not configurable, nor flexible, as it follows the guidelines for electronic documentation. Therefore, what is being controlled is strictly visibility to notes. Even though users may be permitted to review others' notes, there will never be the opportunity for anyone other than the note writer themselves to edit a note.
Allow Notes Super-user mode (formerly located under OTC Global Permissions: Allow Super-user mode) is functionality that should be limited to management type positions who have authority to sign off on notes and approve for billing status. In the event the assigned supervisor of a note is not able to approve the note, then someone with super user status may act as the stand-in supervisor. This power enables the user to view ALL notes, for ALL cost centers and to open up a note to process for approval. When this happens, the super user's signature is applied to the note, and the note then travels on to the billing cycle.
Under Configure Dashboard, the minimum that should be enabled are the Notes and My Tasks dashlets.
Both of these are helpful tools when it comes to managing notes. The Unsigned/Unapproved Notes dashlet will be the notewriter’s queue for all unsigned, which equal incomplete, notes and it will also serve as the supervisors queue for all unapproved notes. The tasks dashlet serves as the means for internal messaging, where often the supervisors communicate to the notewriters about corrections needed on notes. Additionally, if Grid Notes are implemented, the Assessment Progress by ISP Goals and Intervention Progress by ISP Goals dashlets may be beneficial to enable, as these provide very nice graphs that showcase the outcomes and measure the progress towards goals.
Under the OTC Global Permissions (Desktop Security), system administrators have the choice to show Only Assigned Clients
Only Show Assigned Clients enforces the client roster to be set up for each user in this role so that the users can only view their clients. The rosters are managed under the Employee Desktops.
For each role, system administrators have the ability to determine how the corresponding users will be able to handle warning messages when scheduled items are being validated for compliance with the authorization, the client record and the employee record. This is managed under the Validations tab.
Each point of validation is listed and there is a tool tip that describes the purpose of each one. By enforcing the validation, the rule is turned on so that when notes are signed or approved, the system looks to ensure it is in compliance. If it is not enforced, the system will not check for compliance in that particular area. If a validation is enforced, it should be determined if it is over-rideable. If it is, then users are allowed to continue with signing or approving the notes at their discretion, but empowering them with the knowledge that the note will be out of compliance. If users are not allowed to override the validation, then the system will prevent the note from being signed or approved altogether until the event is no longer out of compliance with the validation.