The following diagram depicts how access to cases is managed in the OnePacs system. There are several ways to manage user case access according to the controls listed in this diagram.
Through a combination of OnePacs Facility Privileges and user access Filters, users may be restricted to a set of cases deemed appropriate for them to access. Thecapabilities of OnePacs are robust, and may be used to grant access to cases according to a wide variety of criteria, such as study modality, patient age, referring physician name, and so on.
Facility privileges are the most basic means of restricting users' access to cases on the OnePacs system. See Facility Privileges for details on how to restrict users from seeing a facility.
Administrators may user filters to limit users' access to cases on the OnePacs system. Filters used in this fashion are restrictive - they may prevent users from seeing cases that they might otherwise be able to access, but they will not cause users to be able to access cases which they otherwise would not have access to. Filters may be applied to a user's account through the user management interface.
It is commonly desired to provide referring physicians with the ability to access reports, or reports and images, for only those patients which they have referred for imaging. The following are the two primary means by which this may be achieved.
The usual means of achieving this goal utilizes the “ReferringPhysicianName” field in the DICOM headers. If this means of access restriction is used, the imaging technologists involved must take care to enter referring names accurately for all cases, to ensure proper functioning of the access control mechanism. It will also be necessary to assign each referring physician a unique “Referring PhysicianName” tag, even if two referring physicians happen to have the same first and/or last names.
The “ReferringPhysicianName” DICOM field may be used to grant referring physicians access only to cases for patients which they referred as follows:
Referring physician names can be entered as part of a user filter by typing one or more names (separated by a return key) into the “Referring Physicians:” field. This will create a filter that is case insensitive and contains the name. Other referring physician filters can be created using the advanced expression field.
To limit such physicians, for example, to cases for which the ReferringPhysicianName field reads exactly “JOHNBRONSTEIN”, an appropriate filter would be as follows:
ReferringPhysicianName = 'JOHNBRONSTEIN'
or, for a case-insensitive filter,
upper(ReferringPhysicianName) = 'JOHNBRONSTEIN'
To limit a physician to viewing cases which contain the name BRONSTEIN somewhere in the ReferringPhysicianName field, the following filter would be used:
ReferringPhysicianName like '%BRONSTEIN%'
or, for a case-insensitive filter,
ReferringPhysicianName contains 'BRONSTEIN'
Please refer to the section on study filters for further details on filter creation.
Another means of achieving this would be to use access filters to block such physicians generally from seeing any cases on the system, and also grant such physicians view access to cases in a shared folder. Cases to which they should have access may be placed manually in such a folder.
It may be desirable to limit user access to cases according to other case characteristics, such as patient characteristics, or other DICOM header fields.
The process of limiting case access by such criteria is similar to the above given example of referring physician access limitation.
For example, to limit a user to accessing cases for patients aged 18 years and below, the following filter would be applied:
PatientAge < '18Y'
To limit users to accessing cases with the text “Research” in the DICOM StudyDescription header, the following filter would be used:
StudyDescription like '%Research%'
Or, for a case insensitive filter:
upper(StudyDescription) like '%RESEARCH%'
In some radiology practice environments, it is desirable to have cases assigned to radiologists manually by a coordinator.
One means of achieving this in OnePacs involves granting a set of users access privileges to a set of facilities, and applying a user accessto such users, restricting them to accessing only cases which have been assigned to them.
To assign a case to a user, simply locate the case in a worklist, right-click on the case, and utilize the “Assign-to” option in the right-click context menu. A list of users to whom the case may be assigned (users with reporting privileges for the facility that transmitted the case) will appear in a submenu. To unassign a case follow the same directions as above, but select the “Unassign this study” option from the top of the menu. An administrator may also use the highlight feature to aid in assigning cases. On the right side of the worklist is a selection box for users. Selecting a user will highlight cases in red if the user cannot view the case and will highlight the case in yellow if the user may view the case but may not report on the case. For example below, the user is filtered to only be able to access studies that have a modality of CT and may only report for facilities A and B and may only view for facility C.
In order to limit users to cases which have been assigned to them an administrator can select the "Allow this user to view only studies that they are assigned" checkbox.
You can also set the user access filter to allow the user to view historical cases that are not assigned to the user by selecting the “For cases the user is allowed to view, allow user to also view other studies for the same patient” option by their configured user access filter.