Open dc2007git opened 1 week ago
Lead clinician = administrator
From the discussion in the meeting perhaps we avoid using the word administrator at all since we can't tell out of context whether it's a software admin who can do everything or a clinical admin who can only do a limited amount within some given organisations.
For software admin superuser is probably fine (I think we already use that for E12?). For the latter I'm not sure what word would work that isn't administrator.
clinical admin
Great point - superuser makes sense for software, but otherwise clinical administrator I think is cleaner, even though it's confusing. Maybe clinical coordinator?
Ah true just coordinator sounds good.
Overall keeping the names as general as possible and reflecting what that user can do rather than who they are will help us avoid painting ourselves into a corner in the future.
Current user groups on Netsolving are:
Keeping this terminology would be my preference, as it reflects what the user can do (as @mbarton noted above). Happy to change administrator to coordinator to avoid confusion.
As for the permissions table: Only RCPCH staff should be able to delete a patient or a visit. Data entry permissions are identical for administrators (coordinators) and editors. Only difference between the two is being able to add/edit/delete users.
It isn't often that we're asked to delete patients/visits, especially as the majority work with CSV uploads and they'll overwrite incorrect visits anyway.
@AmaniKrayemRCPCH thanks for the update - not sure I fully understand how this will integrate with roles. Are we saying we don't want to have clinician/ lead clinician / administrator anymore and simply allocate users either Coordinator / Editor / Reader?
How would this also work with updating patient information, for example Patient Visit data?
Additionally, should the editors be able to read patient data at all, if they have the permission to edit (which is arguably higher in scope)?
What would be really useful is if we had a matrix similar to the one above, explicitly detailing each permission (specifically create, view, update, delete) for each user group and each model (User, Visit, Patient, Site)
Apologies for the confusion! Here's the updated permissions table. I hope this clears things up, but let me know if there's any questions.
Group | Model | View | Change | Delete | Create |
---|---|---|---|---|---|
Administrator | Patient | X | X | - | X |
Editor | Patient | X | X | - | X |
Reader | Patient | X | - | - | - |
RCPCH Audit Team | Patient | X | X | X | X |
Administrator | Visit | X | X | - | X |
Editor | Visit | X | X | - | X |
Reader | Visit | X | - | - | - |
RCPCH Audit Team | Visit | X | X | X | X |
Administrator | User | X | X | X | X |
Editor | User | X | - | - | - |
Reader | User | X | - | - | - |
RCPCH Audit Team | User | X | X | X | X |
Administrator | Site | - | - | - | - |
Editor | Site | - | - | - | - |
Reader | Site | X | - | - | - |
RCPCH Audit Team | Site | X | X | X | X |
[ discussion with @eatyourpeas @anchit-chandran @mbarton @AmaniKrayemRCPCH @cillian-rcpch ]
@AmaniKrayemRCPCH here is the schematic we have at the moment for NPDA permissions:
And here is some notes on what we discussed:
Feel free to expand / add anything on this below!