EMR Permissions

Posted on June 15, 2010 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

It’s always interesting to talk with someone about the permissions they should set in their EMR. Pretty much every EMR that has any footprint has a broad set of permissions available to restrict the access of your end users. It can often be a pretty significant task to set all of these permissions. Thankfully, it’s a project that you do once and then don’t have to go again (except for maybe some minor changes). Also, many EMR vendors have good templates for giving you a starting point for permissions.

What usually happens is that users end up with ALL sorts of restrictions on user accounts. I can’t say this is such a bad thing. Users should only have access to the information and features they need for the job. However, in the application of this rule, people almost always go overboard. Shortly after an implementation, the permissions are eventually opened up.

Since this is bound to happen, it’s important to make this part of the EMR implementation plan. Don’t make your nursing staff beg you for access to something. Give them a way to ask for access without making them feel like they are doing something they shouldn’t. Instead, encourage them to ask you for access to things that would make their life easier. That doesn’t mean that you’ll always give access, but from what I’ve seen, most people don’t want more access than what they need.

Remember that the rule is that people should only have access to the information that they need. If they’re asking for access to certain information to make their (and often your) life easier, then they probably do need it and should have access.