Changes between Version 4 and Version 5 of NextforHMS

01/28/10 08:02:24 (14 years ago)
Dan Zubey



  • NextforHMS

    v4 v5  
    3636  * Entry users: Registered users who are given add/edit/update/delete access to OR, PR, HMS
    3737  * Options to create additional groups that have add/edit/update/delete access to each individual registry - and bundle people that way.  e.g. Tim has write privileges to OR and PR but not HMS or RMS; Praneeth has write privileges to RMS but nothing else; Dan has write privileges to RMS, OR, and PR but not HMS. [[BR]]
     39 ----
     40'''Notes from dzubey'''
     43Need to establish who are our user groups? Then based on that what rights should they NOT have.
     45If the main concern is keeping certain data away from the general public, and we are time crunched, then a generic anonymous / read-only / read-write structure is fine...but this makes it very hard to change in the future.
     47There is an more optimal method of assigning flags to users, which indicate what capabilities they are allowed, as opposed to role-based.
     49we've already leaked a good quantity of data to various search engines and blogs and whatnot. I imagine this current push is to secure future data we capture.
    3951* '''Provenance of data''' - without adding any fields (at this time), we need to display the last time data records were updated and by whom - we should be able to pull from the last modified column and the registered user who made the modification.  This is especially important to allow for evaluation of how old data is and how often it is being updated.  Maybe a big bold splash on upper right when viewing a hospital record would say "Last modified on DDMMYY at HH:MM UTC by <Registered User>".  Or just show the data as additional field in form view or column in table view.  [[BR]]