User Management
How to manage users in OSCAR
Step 1. Add a Provider Record for a New User
- The OSCAR database is built on relationships to any given user number. It must be unique. The easy way (for small practice) to get a new unique number is to press the suggest button and skip to step (8) below
- Larger practices will want to use a different series of numbers for different providers such as 100 series for MD’s. 200 for locums, 300’s for nurses and so on. Before you can add a new provider, you must look through the existing providers to see what your last provider number was.
- Click the ‘Search / Edit / Delete Provider Records’ link under the User Management heading.
- Click the ‘Search’ button without typing any name in the box, to get the full list of providers in the database
- Click on the ‘ID’ heading to put the ID numbers in numerical order (each heading allows you to sort the database by each of the heading titles when clicked)
- After noting your last provider ID number, decide what the ID number will be for the new provider and write it down.
eg If you keep doctors in the 100 series and your last MD is 109 the next MD should be 110 .
- Click the ‘Add Provider Record’ link
- Enter the provider number you wrote down from the previous steps.
- Fill in all the appropriate information for the new user
- Provider No: Example = 101. Suggest will provide the next available number. Place a unique number to identify this user
- If multisites are configured you must assign the provider to at least one of them
- Signed Confidentiality Agreement. Now is a good time to have this new provider sign an acceptable use aggreement
- College Type. If the provider is governed by a regulating college specify it here and further settings will be displayed for Licence numbers and billing details
- 3rd Part Billing #: This field is used when an outside company does the billing for an office or clinic. This is usually the group number for the billing agency.
- Billing #: Example = 123456. This field is used if the individual is a doctor and would be their Ministry of Health billing number. There are billing function implications with this field. (E.g.: If the individual is a doctor and a number is not put in here, they will not show up on the provider list in the billing form.)
- Specialty eg GP or SURGEON. This shows up on provider searches.
- Specialty Code #: Example = 00 (for General Practice).
- Group Billing #: Example = B008, This field is used when the physicians are designated by the Ministry of Health as a group and are issued a group number.
- CPSID #: Example = 57111, this is the number assigned by the College of Physicians and Surgeons to the physician.
- Status: Is this provider active.
- Bill Center: The location of the closest OHIP billing office.
- Contact Information can be entered here especially if it differs from the clinic default so that it can be used in Rx and consult requests
11. Click the ‘Add Provider Record’ button when finished
Step 2. Add Login Information
A user’s password is their digital signature – they should choose it and use it with care and not allow unauthorized access to systems logged in to OSCAR.
- In User Management, click on the ‘Add Login Record’ link
- Type in a login and temporary password
- Confirm the password by retyping it
- Click on the drop-down menu beside ‘Provider No.’ to select the user’s name
- Greyed out user names already have security records
- If desired set an Expiry by clicking the check box and picking a date.
- Determine if you want a time cycling system generated pin to provide two factor authorisation
- Determine if you want to have a PIN number and if so if you require it for only remote access (WWW) or also local access (LAN)
- Type in a PIN number and confirm (for static pins only)
- Force Password reset will ensure that the provider will change the password when they login for the first time.
- Clicking on ‘Add Record’ will save the settings and take you back to the ‘Admin’ page
NOTE: you will need to write down the login, password and PIN number to give to the new user before you add the record. If you leave default settings for force password reset inform the new user to change their password the first time they use the system. As a deliberate security measure the administrator can only set, reset and delete passwords and cannot recover them.
If you selected for a time cycling PIN for two factor authorization a QR code will be generated for you to print so you can provide to the user to setup their authentication app (eg FreeOTP or Google Authenticator) on their mobile app
Remember that the secret key and the QR code should be treated the same as a password and be reset if the the code or phone is lost or stolen.
Step 3. Assign Role(s) For the User
By default new users program access is severely restricted. You must assign one or more of the assigned roles to the user so that they can access the parts of OSCAR that they need.
- Search for the provider you wish to modify using the search field
- Choose a role from the drop down menu and click one of the three available actions: “Add”, “Update”, or “Delete”
- Each new role will appear as a new row. Providers with multiple roles will have multiple rows in the chart.
NOTE: If you are shown a message “Role NOT added!!” you have already assigned this role to this provider.
NOTE: If you have some notes with wrong roles attached, you will need to have someone fix the casemgmt_note table and reassign the reporter_caisi_role to make them readable.
SMALL CLINIC
Tip: assign everyone the doctor role as primary. Add admin role to others who need access to the admin functions. This yields the most flexibility.
Note that anything more complex risks a mixup of roles resulting in having hidden notes and encounters.
MEDIUM CLINIC
The following are suggestions from KC Lai for possible cookbook settings:
You can add more than one role to a provider, and specify which role is the Primary role and which is the Secondary Role (which changes the privileges enabled for each user). The numbers in square brackets [#] correspond to the SQL database coding for each role, for your information only.
In Progressively Increasing Order of Permissions and Access to EMR records:
- Low level secretary **: secretary [17] (primary): no billings, if add doctor [2] (secondary), then notes shared with Suppport Worker
- Non-Billing Receptionist **: medical secretary [15] (primary) and counsellor [18] (secondary): booking, documents, Ticklers, Messages, but no billings; visible Social Hx, Reminders, Ongoing Concerns, but no access to Medical Hx nor Medications; notes are invisible to doctors but notes are visible to receptionist or secretaries.
- Billing agent **: receptionist [1] (primary): booking, billing, documents, Ticklers, Messages
- Billing Secretary **: receptionist [1] (primary), secretary [17] (secondary): no access to Medical History
- Billing Medical Office Assistant **: receptionist [1] (primary) with doctor [2] (secondary): no read access to doctor or CPP notes, but able to enter Encounter notes and CPP that are readable by doctors, and able to do billings
- Medical Assistant **: counsellor [18] (primary): for limited encounter note writing so doctors can see, but can’t see doctor notes, can’t see Medical History or Meds (use this for limited E-Chart note taking)
- Restricted Social Worker **: counsellor [18] (primary), doctor [2] (secondary): Notes, Documents, Meds, Allergies can be seen by doctors; but cannot see doctors notes, no doctors’ CPP.
- Hidden Nursing Notes: RN [10] (primary) and doctor [2] (secondary): read doctor and psychiatrist notes, nursing notes are hidden from doctors; but can read and enter full CPP including Medical Hx and Medications.
- Confidential Psychotherapist: clinical wocial worker [13] (primary) with doctor [2] (secondary): access to doctor and counsellor notes, visible and access to Medical Hx and Meds (notes here are visible to docs), but encounter notes are private (hidden from doctors)
- Chiropractor, PT, OT locum [4] (primary) and doctor [2] (secondary): for private notes, but read doctor records (including CPP) [ Group A: allied health practitioners that read doctor notes but keep their own private records;
- Massage therapy, personal support worker etc: nurse [5] (primary) and doctor [2] (secondary): for another group of private notes, but read doctors records (including CPP) [Group B allied health practitioners that read doctor notes but keep their own private records
- Psychiatry: psychiatrist [9] (primary) with doctor [2] (secondary): access to doctor and counsellor notes, notes are readable by doctors, visible and access to Medical History and Meds
- Specialist Doctors: Partner Doctor and secondary (doctor): Full Access
- Doctors: doctors [2] (primary): for full record access
- admin: adding admin [0] as a secondary/tertiary role will give administrator privileges to that user, in addition to their usual permissions
** If you add doctor [2] (secondary role) to any users who have either secretary/counsellor/receptionist as a primary role, then this will ADD the ability for that user to access the e-Chart and enter notes in the e-Chart, as well as enter items in the CPP Medial Hx and Medications. However, they still cannot see the doctor’s e-Chart encounter notes. The doctors do see the notes that the secretary/counsellor/receptionist adds.
LARGE CLINIC
You will probably want to investigate all Available Roles and their default settings:
doctor
access to every part of OSCAR except the administrative view
locum
access to every part of OSCAR except the administrative view
nurse
all of the same permissions as a doctor or locum EXCEPT the ability to “Verify and Sign” Encounter notes.
receptionist
no access to doctors notes (E-chart), oscarRx, labs or the administration functions
admin
access only to the administration functions (unless admin role is secondary to another role) and many more… No access to doctors notes.
admin_reports
access to administrative reporting functions
clinical assistant
access to schedule, demographics, Msg, but no billings
other roles available include CAISI ADMIN, Case Manager, client service worker, clinical case manager, clinical social worker, counseling intern, councilor, er_clerk, field-note admin, Housing worker, HRM admin, medical secretary, midwife, moderator, nurse manager, partner doctor, property staff, psychiatrist, recreational therapist, RN, RPN, secretary, site manager, support councilor, vaccine provider and student.
Step 4. Scheduling Users
- Set up a new group or add the user to an existing group
- Setup their Schedule
Documentation Copyright © 2021-2022 by Peter Hutten-Czapski MD under the Creative Commons Attribution-Share Alike 3.0 Unported License