DGSEC4 ;ALB/MM,JAP - Utilities for record access & sensitive record processing;10/6/99 ; 10/26/05 12:46pm
;;5.3;Registration;**249,281,391,471,684,699,1004,1005,1009,1011,1013,1015**;Aug 13, 1993;Build 21
;
;IHS/ANMC/LJF 8/31/2001 changed warning message text
; 1/04/2002 if in log as non-sensitive, track anyway
;IHS/ITSC/WAR 3/17/2005 Fix dealing with calls from other apps/pkgs
;IHS/OIT/LJF 11/03/2005 PATCH 1004 moved message code to IHS routine
; 01/06/2006 PATCH 1005 accounted for tracking all patients (IHS feature)
; 08/31/2007 PATCH 1008 added code for user with restircted access to some patients
;Line tags OWNREC & SENS moved from DGSEC in DG*5.3*249 when DGSEC
;reached the maximum routine size.
;
PTSEC(RESULT,DFN,DGMSG,DGOPT) ;RPC/API entry point for patient sensitive & record access checks
;Output array (Required)
; RESULT(1)= -1-RPC/API failed
; Required variable not defined
; 0-No display/action required
; Not accessing own, employee, or sensitive record
; 1-Display warning message
; Sensitive and DG SENSITIVITY key holder
; or Employee and DG SECURITY OFFICER key holder
; 2-Display warning message/require OK to continue
; Sensitive and not a DG SENSITIVITY key holder
; Employee and not a DG SECURITY OFFICER key holder
; 3-Access to record denied
; Accessing own record
; 4-Access to Patient (#2) file records denied
; SSN not defined
; RESULT(2-10) = error or display messages
;
;Input parameters: DFN = Patient file entry (Required)
; DGMSG = If 1, generate message (optional)
; DGOPT = Option name^Menu text (Optional)
;
K RESULT
I $G(DFN)="" D Q
.S RESULT(1)=-1
.S RESULT(2)="Required variable missing."
;
;IHS/OIT/LJF 08/31/2007 PATCH 1008
;S DGMSG=$G(DGMSG)
S DGMSG=$G(DGMSG,1)
I $$STATUS^BDGSPT2(DUZ,DFN,1)["RESTRICTED ACCESS" D Q
.S RESULT(1)=5 Q:DGMSG'=1
.S RESULT(2)="Sorry, you are restricted from accessing this patient's record."
.S RESULT(3)="If you have questions, please contact your HIM department."
;end of PATCH 1008 code
;
S DGMSG=$G(DGMSG)
D OWNREC(.RESULT,DFN,$G(DUZ),DGMSG)
I RESULT(1)=1 S RESULT(1)=3 Q
I RESULT(1)=2 S RESULT(1)=4 Q
K RESULT
D SENS(.RESULT,DFN,$G(DUZ))
;
;IHS/OIT/LJF 01/06/2006 PATCH 1005 account for tracking all patients
;I RESULT(1)=1 D
I (RESULT(1)=1)!(RESULT(1)=0) D
.I (RESULT(1)=0)&($$GET1^DIQ(43,1,9999999.01)'="YES")&('$P($G(^DGSL(38.1,+DFN,0)),U,2)) Q ;cmi/maw 1/26/2010 PATCH 1011
.;
.I $G(DUZ)="" D Q
..;DUZ must be defined to access sensitive record & update DG Security log
..S RESULT(1)=-1
..S RESULT(2)="Your user code is undefined. This must be defined to access a restricted patient record."
.D SETLOG1^DGSEC(DFN,DUZ,,$G(DGOPT))
Q
NOTICE(RESULT,DFN,DGOPT,ACTION) ;RPC/API entry point for log entry and message generation
;Input parameters:
; DFN = Patient file DFN
; DGOPT = Option name^Menu text (Optional)
; ACTION = 1 - Set DG Security Log entry, 2 - Generate mail
; message, 3 - Both (Optional - Defaults to both)
;
;Output: RESULT = 1 - DG Security Log updated and/or Sensitive Record msg sent (Determined by ACTION value)
; 0 - Required variable undefined
;
I $G(DFN)="" S RESULT=0 Q
I $G(DUZ)="" S RESULT=0 Q
S DGOPT=$G(DGOPT)
I $G(ACTION)="" S ACTION=3
I ACTION'=1 D BULTIN1^DGSEC(DFN,DUZ,DGOPT)
I ACTION'=2 D SETLOG1^DGSEC(DFN,DUZ,,DGOPT)
S RESULT=1
Q
;
OWNREC(DGREC,DFN,DGDUZ,DGMSG,DGNEWPT,DGPTSSN) ;Determine if user accessing his/her own Patient file (#2) record
;Input:
; DGREC - Array name passed by reference
; DFN - Patient (#2) file IEN
; DGDUZ - New Person (#200) file IEN (Not required. If not sent will return 0.)
; DGMSG - If 1, generate message (Optional) Will default to 1
; DGNEWPT - Set to 1 when adding a new entry to the Patient file
; DGPTSSN - new patient's SSN
; DGNEWPT & DGPTSSN parameters only defined if DPTLK is adding
; a new Patient (#2) file entry
;
;Output:
; DGREC(1)=0 - Not attempting to access own Patient (#2) file record,
; DUZ not defined, RESTRICT PATIENT RECORD ACCESS parameter
; in MAS Parameters (#43) file not set to yes, or user holds
; DG RECORD ACCESS security key.
; =1 - Attempting to access own Patient file record
; =2 - SSN undefined
; =-1 - Required variable not defined.
; Other nodes in array will contain error message text.
;
;DFN required
I '$D(DFN),($G(DGNEWPT)'=1) D Q
.S DGREC(1)=-1
.S DGREC(2)="DFN not defined."
S DGREC(1)=0
;Check if parameter is on
I +$P($G(^DG(43,1,"REC")),U)=0 Q
N DGNPSSN
;I $D(DUZ)=0 Q
I (+$G(DGDUZ))<1 Q
;Check if user holds security key
I $D(^XUSEC("DG RECORD ACCESS",DGDUZ)) Q
I $G(DGMSG)="" S DGMSG=1
N DGNPERR
; quit if user is a proxy user, i.e., not a real person
I $$ACTIVE^XUSAP(DGDUZ),$$USERTYPE^XUSAP(DGDUZ,"CONNECTOR PROXY")!($$USERTYPE^XUSAP(DGDUZ,"APPLICATION PROXY")) Q
S DGNPSSN=$$GET1^DIQ(200,DGDUZ_",",9,"I","","DGNPERR")
I 'DGNPSSN D Q
.S DGREC(1)=2
.S DGREC(2)="Your SSN is missing from the NEW PERSON file. Contact your ADP Coordinator."
.;Only send message if parameter set to 1
.I DGMSG=1 D MSG(DGDUZ)
I +$G(DGNEWPT)'=1 S DGPTSSN=$P($G(^DPT(DFN,0)),U,9)
I +$G(DGNEWPT)=1 S DGPTSSN=$TR(DGPTSSN,"-","")
I DGNPSSN=DGPTSSN D Q
.S DGREC(1)=1
.S DGREC(2)="Security regulations prohibit computer access to your own medical record."
Q
MSG(DGDUZ) ;Send Missing SSN in New Person file message to mailgroup
;Input: DGDUZ - New Person (#200) file IEN (Required)
;
N DGNPERR,DGNPNAME,DGTEXT,XMCHAN,XMDUZ,XMSUB,XMTEXT,XMY,XMZ
S DGNPNAME=$$GET1^DIQ(200,DGDUZ_",",.01,"","DGNPERR")
S XMSUB="MISSING SSN IN NEW PERSON FILE"
S DGTEXT(1)="The following NEW PERSON record does not contain a Social Security Number."
S DGTEXT(2)="This is required to access PATIENT file entries."
S DGTEXT(3)=""
S DGTEXT(4)=$S(DGNPNAME'="":DGNPNAME,1:"UNKNOWN")
S DGTEXT(5)="NEW PERSON (#200) File Internal Entry Number (DUZ): "_+DGDUZ
S DGTEXT(6)=""
S DGTEXT(7)="This message has been sent to DG MISSING NEW PERSON SSN mail group."
S DGTEXT(8)="Please take appropriate action."
S XMTEXT="DGTEXT("
S XMDUZ=$S(DGNPNAME'="":DGNPNAME,1:.5)
S XMY("G.DG MISSING NEW PERSON SSN")=""
S XMCHAN=1
D ^XMD
Q
SENS(DGSENS,DFN,DGDUZ,DDS,DGSENFLG) ;Determine if sensitive record
;Input:
; DGSENS - Array name passed by reference
; DFN - Patient (#2) file IEN (Required)
; DGDUZ - New Person (#200) file IEN
; DDS - Screenman variable
; DGSENFLG - If defined, patient record sensitivity not checked
;
;Output:
; DGSENS(1)=0 - Record is not sensitive or DGSENFLG set
; =1 - Sensitive record and user holds DG SENSITIVITY key
; - Employee and user holds DG SECURITY OFFICER key
; =2 - Sensitive record and user does not hold key
; - Employee and user does not hold key
; =-1 - Required input variable not defined
; If 1, 2 or -1, array will contain error/display message
;
N DGMSG,DGA1,DG1,DGDATE,DGLNE,DGT,DGTIME,DGEMPLEE
;Patient file DFN must be defined.
I '$D(DFN) D Q
.S DGSENS(1)=-1
.S DGSENS(2)="DFN not defined."
S DGSENS(1)=0
AUDIT I DFN>0,$$GET^XPAR("ALL","DI AUDIT PATIENT LOOKUPS") D ACCESSED^DIET(2,DFN) ;ihs/cmi/maw 3/7/2011 added for certification via Medsphere
I $D(DGSENFLG) Q
;Determine if patient is employee
S DGEMPLEE=$$EMPL(DFN)
;Quit if not an employee & not found in DG Security Log file
I 'DGEMPLEE,('$D(^DGSL(38.1,+DFN,0))) Q
;Quit if not an employee and not flagged as sensitive
I 'DGEMPLEE,($P($G(^DGSL(38.1,+DFN,0)),U,2)'=1) Q
;DUZ & user name must be defined
S DGMSG=$S('$G(DGDUZ):"user code",'$D(^VA(200,DGDUZ,0)):"user name",1:"")
I DGMSG'="" D Q
.S DGSENS(1)=-1
.S DGSENS(2)="Your "_DGMSG_" is undefined. This must be defined to access"
.S DGSENS(3)=" a restricted patient record."
S DGSENS(1)=1
;Inpatient check - no longer used (kept for future reference)
;D H^DGUTL S DGT=DGTIME D ^DGPMSTAT
S DGSENS(2)="***WARNING***"
I $G(DDS)'="" S DGSENS(2)=DGSENS(2)_" ***RESTRICTED RECORD***"
I $G(DDS)="" S DGSENS(3)="***RESTRICTED RECORD***"
I DGEMPLEE,('$D(^XUSEC("DG SECURITY OFFICER",+$G(DGDUZ)))) D Q
.S DGSENS(1)=2
.D PRIV
I '$D(^XUSEC("DG SENSITIVITY",+$G(DGDUZ))) D
.S DGSENS(1)=2
.D PRIV
Q
PRIV ;Privacy Act statement for DGSENS array
S $P(DGLNE,"* ",38)=""
I $G(DDS)="" S DGSENS(4)=DGLNE
;S DGSENS(5)="* This record is protected by the Privacy Act of 1974 and the Health *"
;S DGSENS(6)="* Insurance Portability and Accountability Act of 1996. If you elect *"
;S DGSENS(7)="* to proceed, you will be required to prove you have a need to know. *"
;S DGSENS(8)="* Accessing this patient is tracked, and your station Security Officer *"
;S DGSENS(9)="* will contact you for your justification. *"
;IHS/OIT/LJF 11/03/2005 PATCH 1004 call IHS rtn to build message array
D MSG^BDGSECU
;S DGSENS(5)="* This record is protected by the Privacy Act of 1974. If you elect *"
;S DGSENS(6)="* to proceed, you will be required to prove you have a need to know. *"
;
;IHS/ANMC/LJF 8/31/2001 changed message text
;S DGSENS(7)="* Accessing this patient is tracked, and your station Security Officer *"
;S DGSENS(8)="* will contact you for your justification. *"
;S DGSENS(7)="* Accessing this patient is tracked. The assigned Sensitive Patient *"
;S DGSENS(8)="* Tracking monitor will contact you for your justification. *"
;IHS/ANMC/LJF 8/31/2001 end of mods
;IHS/OIT/LJF 11/03/2005 end of new mod
;
I $G(DDS)="" S DGSENS(10)=DGLNE
Q
EMPL(DFN,DGCHELIG) ;Does patient have any eligibility codes equal to
; EMPLOYEE
;Input:
; DFN - Patient (#2) file IEN (required).
; DGCHELIG - Flags to determine mode of execution (optional).
; Value of the parameter can contain any combination
; of the following characters:
; "P" - check primary eligibility code
; "S" - check secondary eligibility codes
;
; If this parameter is either not defined or set to an
; illegal value, the value of "PS" will be assumed.
;Output:
; 1 - Patient has EMPLOYEE as an eligibility code
; 0 - Patient doesn't have EMPLOYEE as an eligibility code
;
;Notes: EMPLOYEE is entry 14 in the MAS ELIGIBILITY CODE file (#8.1)
N DGELIG,DGEMPLEE
S DGEMPLEE=0
I $G(DGCHELIG)'["P",$G(DGCHELIG)'["S" S DGCHELIG="PS"
;Check primary eligibility
I DGCHELIG["P" D
.S DGELIG=+$G(^DPT(DFN,.36))
.I $D(^DIC(8,"D",14,DGELIG)) S DGEMPLEE=1
;Check secondary eligibilities (if needed)
I DGCHELIG["S",'DGEMPLEE D
.S DGELIG=0
.F S DGELIG=+$O(^DPT("AEL",DFN,DGELIG)) Q:'DGELIG I $D(^DIC(8,"D",14,DGELIG)) S DGEMPLEE=1 Q
Q DGEMPLEE
DGSEC4 ;ALB/MM,JAP - Utilities for record access & sensitive record processing;10/6/99 ; 10/26/05 12:46pm
+1 ;;5.3;Registration;**249,281,391,471,684,699,1004,1005,1009,1011,1013,1015**;Aug 13, 1993;Build 21
+2 ;
+3 ;IHS/ANMC/LJF 8/31/2001 changed warning message text
+4 ; 1/04/2002 if in log as non-sensitive, track anyway
+5 ;IHS/ITSC/WAR 3/17/2005 Fix dealing with calls from other apps/pkgs
+6 ;IHS/OIT/LJF 11/03/2005 PATCH 1004 moved message code to IHS routine
+7 ; 01/06/2006 PATCH 1005 accounted for tracking all patients (IHS feature)
+8 ; 08/31/2007 PATCH 1008 added code for user with restircted access to some patients
+9 ;Line tags OWNREC & SENS moved from DGSEC in DG*5.3*249 when DGSEC
+10 ;reached the maximum routine size.
+11 ;
PTSEC(RESULT,DFN,DGMSG,DGOPT) ;RPC/API entry point for patient sensitive & record access checks
+1 ;Output array (Required)
+2 ; RESULT(1)= -1-RPC/API failed
+3 ; Required variable not defined
+4 ; 0-No display/action required
+5 ; Not accessing own, employee, or sensitive record
+6 ; 1-Display warning message
+7 ; Sensitive and DG SENSITIVITY key holder
+8 ; or Employee and DG SECURITY OFFICER key holder
+9 ; 2-Display warning message/require OK to continue
+10 ; Sensitive and not a DG SENSITIVITY key holder
+11 ; Employee and not a DG SECURITY OFFICER key holder
+12 ; 3-Access to record denied
+13 ; Accessing own record
+14 ; 4-Access to Patient (#2) file records denied
+15 ; SSN not defined
+16 ; RESULT(2-10) = error or display messages
+17 ;
+18 ;Input parameters: DFN = Patient file entry (Required)
+19 ; DGMSG = If 1, generate message (optional)
+20 ; DGOPT = Option name^Menu text (Optional)
+21 ;
+22 KILL RESULT
+23 IF $GET(DFN)=""
Begin DoDot:1
+24 SET RESULT(1)=-1
+25 SET RESULT(2)="Required variable missing."
End DoDot:1
QUIT
+26 ;
+27 ;IHS/OIT/LJF 08/31/2007 PATCH 1008
+28 ;S DGMSG=$G(DGMSG)
+29 SET DGMSG=$GET(DGMSG,1)
+30 IF $$STATUS^BDGSPT2(DUZ,DFN,1)["RESTRICTED ACCESS"
Begin DoDot:1
+31 SET RESULT(1)=5
IF DGMSG'=1
QUIT
+32 SET RESULT(2)="Sorry, you are restricted from accessing this patient's record."
+33 SET RESULT(3)="If you have questions, please contact your HIM department."
End DoDot:1
QUIT
+34 ;end of PATCH 1008 code
+35 ;
+36 SET DGMSG=$GET(DGMSG)
+37 DO OWNREC(.RESULT,DFN,$GET(DUZ),DGMSG)
+38 IF RESULT(1)=1
SET RESULT(1)=3
QUIT
+39 IF RESULT(1)=2
SET RESULT(1)=4
QUIT
+40 KILL RESULT
+41 DO SENS(.RESULT,DFN,$GET(DUZ))
+42 ;
+43 ;IHS/OIT/LJF 01/06/2006 PATCH 1005 account for tracking all patients
+44 ;I RESULT(1)=1 D
+45 IF (RESULT(1)=1)!(RESULT(1)=0)
Begin DoDot:1
+46 ;cmi/maw 1/26/2010 PATCH 1011
IF (RESULT(1)=0)&($$GET1^DIQ(43,1,9999999.01)'="YES")&('$PIECE($GET(^DGSL(38.1,+DFN,0)),U,2))
QUIT
+47 ;
+48 IF $GET(DUZ)=""
Begin DoDot:2
+49 ;DUZ must be defined to access sensitive record & update DG Security log
+50 SET RESULT(1)=-1
+51 SET RESULT(2)="Your user code is undefined. This must be defined to access a restricted patient record."
End DoDot:2
QUIT
+52 DO SETLOG1^DGSEC(DFN,DUZ,,$GET(DGOPT))
End DoDot:1
+53 QUIT
NOTICE(RESULT,DFN,DGOPT,ACTION) ;RPC/API entry point for log entry and message generation
+1 ;Input parameters:
+2 ; DFN = Patient file DFN
+3 ; DGOPT = Option name^Menu text (Optional)
+4 ; ACTION = 1 - Set DG Security Log entry, 2 - Generate mail
+5 ; message, 3 - Both (Optional - Defaults to both)
+6 ;
+7 ;Output: RESULT = 1 - DG Security Log updated and/or Sensitive Record msg sent (Determined by ACTION value)
+8 ; 0 - Required variable undefined
+9 ;
+10 IF $GET(DFN)=""
SET RESULT=0
QUIT
+11 IF $GET(DUZ)=""
SET RESULT=0
QUIT
+12 SET DGOPT=$GET(DGOPT)
+13 IF $GET(ACTION)=""
SET ACTION=3
+14 IF ACTION'=1
DO BULTIN1^DGSEC(DFN,DUZ,DGOPT)
+15 IF ACTION'=2
DO SETLOG1^DGSEC(DFN,DUZ,,DGOPT)
+16 SET RESULT=1
+17 QUIT
+18 ;
OWNREC(DGREC,DFN,DGDUZ,DGMSG,DGNEWPT,DGPTSSN) ;Determine if user accessing his/her own Patient file (#2) record
+1 ;Input:
+2 ; DGREC - Array name passed by reference
+3 ; DFN - Patient (#2) file IEN
+4 ; DGDUZ - New Person (#200) file IEN (Not required. If not sent will return 0.)
+5 ; DGMSG - If 1, generate message (Optional) Will default to 1
+6 ; DGNEWPT - Set to 1 when adding a new entry to the Patient file
+7 ; DGPTSSN - new patient's SSN
+8 ; DGNEWPT & DGPTSSN parameters only defined if DPTLK is adding
+9 ; a new Patient (#2) file entry
+10 ;
+11 ;Output:
+12 ; DGREC(1)=0 - Not attempting to access own Patient (#2) file record,
+13 ; DUZ not defined, RESTRICT PATIENT RECORD ACCESS parameter
+14 ; in MAS Parameters (#43) file not set to yes, or user holds
+15 ; DG RECORD ACCESS security key.
+16 ; =1 - Attempting to access own Patient file record
+17 ; =2 - SSN undefined
+18 ; =-1 - Required variable not defined.
+19 ; Other nodes in array will contain error message text.
+20 ;
+21 ;DFN required
+22 IF '$DATA(DFN)
IF ($GET(DGNEWPT)'=1)
Begin DoDot:1
+23 SET DGREC(1)=-1
+24 SET DGREC(2)="DFN not defined."
End DoDot:1
QUIT
+25 SET DGREC(1)=0
+26 ;Check if parameter is on
+27 IF +$PIECE($GET(^DG(43,1,"REC")),U)=0
QUIT
+28 NEW DGNPSSN
+29 ;I $D(DUZ)=0 Q
+30 IF (+$GET(DGDUZ))<1
QUIT
+31 ;Check if user holds security key
+32 IF $DATA(^XUSEC("DG RECORD ACCESS",DGDUZ))
QUIT
+33 IF $GET(DGMSG)=""
SET DGMSG=1
+34 NEW DGNPERR
+35 ; quit if user is a proxy user, i.e., not a real person
+36 IF $$ACTIVE^XUSAP(DGDUZ)
IF $$USERTYPE^XUSAP(DGDUZ,"CONNECTOR PROXY")!($$USERTYPE^XUSAP(DGDUZ,"APPLICATION PROXY"))
QUIT
+37 SET DGNPSSN=$$GET1^DIQ(200,DGDUZ_",",9,"I","","DGNPERR")
+38 IF 'DGNPSSN
Begin DoDot:1
+39 SET DGREC(1)=2
+40 SET DGREC(2)="Your SSN is missing from the NEW PERSON file. Contact your ADP Coordinator."
+41 ;Only send message if parameter set to 1
+42 IF DGMSG=1
DO MSG(DGDUZ)
End DoDot:1
QUIT
+43 IF +$GET(DGNEWPT)'=1
SET DGPTSSN=$PIECE($GET(^DPT(DFN,0)),U,9)
+44 IF +$GET(DGNEWPT)=1
SET DGPTSSN=$TRANSLATE(DGPTSSN,"-","")
+45 IF DGNPSSN=DGPTSSN
Begin DoDot:1
+46 SET DGREC(1)=1
+47 SET DGREC(2)="Security regulations prohibit computer access to your own medical record."
End DoDot:1
QUIT
+48 QUIT
MSG(DGDUZ) ;Send Missing SSN in New Person file message to mailgroup
+1 ;Input: DGDUZ - New Person (#200) file IEN (Required)
+2 ;
+3 NEW DGNPERR,DGNPNAME,DGTEXT,XMCHAN,XMDUZ,XMSUB,XMTEXT,XMY,XMZ
+4 SET DGNPNAME=$$GET1^DIQ(200,DGDUZ_",",.01,"","DGNPERR")
+5 SET XMSUB="MISSING SSN IN NEW PERSON FILE"
+6 SET DGTEXT(1)="The following NEW PERSON record does not contain a Social Security Number."
+7 SET DGTEXT(2)="This is required to access PATIENT file entries."
+8 SET DGTEXT(3)=""
+9 SET DGTEXT(4)=$SELECT(DGNPNAME'="":DGNPNAME,1:"UNKNOWN")
+10 SET DGTEXT(5)="NEW PERSON (#200) File Internal Entry Number (DUZ): "_+DGDUZ
+11 SET DGTEXT(6)=""
+12 SET DGTEXT(7)="This message has been sent to DG MISSING NEW PERSON SSN mail group."
+13 SET DGTEXT(8)="Please take appropriate action."
+14 SET XMTEXT="DGTEXT("
+15 SET XMDUZ=$SELECT(DGNPNAME'="":DGNPNAME,1:.5)
+16 SET XMY("G.DG MISSING NEW PERSON SSN")=""
+17 SET XMCHAN=1
+18 DO ^XMD
+19 QUIT
SENS(DGSENS,DFN,DGDUZ,DDS,DGSENFLG) ;Determine if sensitive record
+1 ;Input:
+2 ; DGSENS - Array name passed by reference
+3 ; DFN - Patient (#2) file IEN (Required)
+4 ; DGDUZ - New Person (#200) file IEN
+5 ; DDS - Screenman variable
+6 ; DGSENFLG - If defined, patient record sensitivity not checked
+7 ;
+8 ;Output:
+9 ; DGSENS(1)=0 - Record is not sensitive or DGSENFLG set
+10 ; =1 - Sensitive record and user holds DG SENSITIVITY key
+11 ; - Employee and user holds DG SECURITY OFFICER key
+12 ; =2 - Sensitive record and user does not hold key
+13 ; - Employee and user does not hold key
+14 ; =-1 - Required input variable not defined
+15 ; If 1, 2 or -1, array will contain error/display message
+16 ;
+17 NEW DGMSG,DGA1,DG1,DGDATE,DGLNE,DGT,DGTIME,DGEMPLEE
+18 ;Patient file DFN must be defined.
+19 IF '$DATA(DFN)
Begin DoDot:1
+20 SET DGSENS(1)=-1
+21 SET DGSENS(2)="DFN not defined."
End DoDot:1
QUIT
+22 SET DGSENS(1)=0
AUDIT ;ihs/cmi/maw 3/7/2011 added for certification via Medsphere
IF DFN>0
IF $$GET^XPAR("ALL","DI AUDIT PATIENT LOOKUPS")
DO ACCESSED^DIET(2,DFN)
+1 IF $DATA(DGSENFLG)
QUIT
+2 ;Determine if patient is employee
+3 SET DGEMPLEE=$$EMPL(DFN)
+4 ;Quit if not an employee & not found in DG Security Log file
+5 IF 'DGEMPLEE
IF ('$DATA(^DGSL(38.1,+DFN,0)))
QUIT
+6 ;Quit if not an employee and not flagged as sensitive
+7 IF 'DGEMPLEE
IF ($PIECE($GET(^DGSL(38.1,+DFN,0)),U,2)'=1)
QUIT
+8 ;DUZ & user name must be defined
+9 SET DGMSG=$SELECT('$GET(DGDUZ):"user code",'$DATA(^VA(200,DGDUZ,0)):"user name",1:"")
+10 IF DGMSG'=""
Begin DoDot:1
+11 SET DGSENS(1)=-1
+12 SET DGSENS(2)="Your "_DGMSG_" is undefined. This must be defined to access"
+13 SET DGSENS(3)=" a restricted patient record."
End DoDot:1
QUIT
+14 SET DGSENS(1)=1
+15 ;Inpatient check - no longer used (kept for future reference)
+16 ;D H^DGUTL S DGT=DGTIME D ^DGPMSTAT
+17 SET DGSENS(2)="***WARNING***"
+18 IF $GET(DDS)'=""
SET DGSENS(2)=DGSENS(2)_" ***RESTRICTED RECORD***"
+19 IF $GET(DDS)=""
SET DGSENS(3)="***RESTRICTED RECORD***"
+20 IF DGEMPLEE
IF ('$DATA(^XUSEC("DG SECURITY OFFICER",+$GET(DGDUZ))))
Begin DoDot:1
+21 SET DGSENS(1)=2
+22 DO PRIV
End DoDot:1
QUIT
+23 IF '$DATA(^XUSEC("DG SENSITIVITY",+$GET(DGDUZ)))
Begin DoDot:1
+24 SET DGSENS(1)=2
+25 DO PRIV
End DoDot:1
+26 QUIT
PRIV ;Privacy Act statement for DGSENS array
+1 SET $PIECE(DGLNE,"* ",38)=""
+2 IF $GET(DDS)=""
SET DGSENS(4)=DGLNE
+3 ;S DGSENS(5)="* This record is protected by the Privacy Act of 1974 and the Health *"
+4 ;S DGSENS(6)="* Insurance Portability and Accountability Act of 1996. If you elect *"
+5 ;S DGSENS(7)="* to proceed, you will be required to prove you have a need to know. *"
+6 ;S DGSENS(8)="* Accessing this patient is tracked, and your station Security Officer *"
+7 ;S DGSENS(9)="* will contact you for your justification. *"
+8 ;IHS/OIT/LJF 11/03/2005 PATCH 1004 call IHS rtn to build message array
+9 DO MSG^BDGSECU
+10 ;S DGSENS(5)="* This record is protected by the Privacy Act of 1974. If you elect *"
+11 ;S DGSENS(6)="* to proceed, you will be required to prove you have a need to know. *"
+12 ;
+13 ;IHS/ANMC/LJF 8/31/2001 changed message text
+14 ;S DGSENS(7)="* Accessing this patient is tracked, and your station Security Officer *"
+15 ;S DGSENS(8)="* will contact you for your justification. *"
+16 ;S DGSENS(7)="* Accessing this patient is tracked. The assigned Sensitive Patient *"
+17 ;S DGSENS(8)="* Tracking monitor will contact you for your justification. *"
+18 ;IHS/ANMC/LJF 8/31/2001 end of mods
+19 ;IHS/OIT/LJF 11/03/2005 end of new mod
+20 ;
+21 IF $GET(DDS)=""
SET DGSENS(10)=DGLNE
+22 QUIT
EMPL(DFN,DGCHELIG) ;Does patient have any eligibility codes equal to
+1 ; EMPLOYEE
+2 ;Input:
+3 ; DFN - Patient (#2) file IEN (required).
+4 ; DGCHELIG - Flags to determine mode of execution (optional).
+5 ; Value of the parameter can contain any combination
+6 ; of the following characters:
+7 ; "P" - check primary eligibility code
+8 ; "S" - check secondary eligibility codes
+9 ;
+10 ; If this parameter is either not defined or set to an
+11 ; illegal value, the value of "PS" will be assumed.
+12 ;Output:
+13 ; 1 - Patient has EMPLOYEE as an eligibility code
+14 ; 0 - Patient doesn't have EMPLOYEE as an eligibility code
+15 ;
+16 ;Notes: EMPLOYEE is entry 14 in the MAS ELIGIBILITY CODE file (#8.1)
+17 NEW DGELIG,DGEMPLEE
+18 SET DGEMPLEE=0
+19 IF $GET(DGCHELIG)'["P"
IF $GET(DGCHELIG)'["S"
SET DGCHELIG="PS"
+20 ;Check primary eligibility
+21 IF DGCHELIG["P"
Begin DoDot:1
+22 SET DGELIG=+$GET(^DPT(DFN,.36))
+23 IF $DATA(^DIC(8,"D",14,DGELIG))
SET DGEMPLEE=1
End DoDot:1
+24 ;Check secondary eligibilities (if needed)
+25 IF DGCHELIG["S"
IF 'DGEMPLEE
Begin DoDot:1
+26 SET DGELIG=0
+27 FOR
SET DGELIG=+$ORDER(^DPT("AEL",DFN,DGELIG))
IF 'DGELIG
QUIT
IF $DATA(^DIC(8,"D",14,DGELIG))
SET DGEMPLEE=1
QUIT
End DoDot:1
+28 QUIT DGEMPLEE
