Wong-ZZ
commented
3 years ago Team's Response
Intended behaviour as stated by you As an administrative staff, you can only add, edit, delete and find patients. You are unable to add, edit or delete medical notes..
To address I think it is unlikely they have access to such information in real life also, that is incorrect based on personal experience.
Duplicate status (if any):
--
According to the user guide, I read that "As an administrative staff, you can only add, edit, delete and find patients. You are unable to add, edit or delete medical notes."
But when I logged into the administrative staff account with default username "admin" , it allows me to view patient notes. Based on the way the user guide phrases the statement, it is suggested that administrative staff cannot view patient notes and I think it is unlikely they have access to such information in real life also (and also better that they don't have access as they are not required to).
To reproduce, log in to a doctors account and create a patient and a patient note. Then, log in to the administrative staff account and view the same patient.
Viewing patient note on administrative account.
[original: nus-cs2103-AY2021S1/pe-interim#2258]