Introduction to Location Based Access Control
Week 1 [May 14, 2018 — May 21, 2018]
OpenMRS is an open source platform which enables the design of a customized medical records system without any of the software development experience (although it required medical and system’s analysis knowledge to use the system). OpenMRS is also a community of people working to apply health information technologies to solve problems, primarily in resource-poor environments.
OpenMRS Core is the baseline of the OpenMRS development and other modules are allowed to integrate with OpenMRS Core to expand their services and features. There are multiple distributions around the world based on the OpenMRS platform.
I am very exited to work with OpenMRS once again through this year Google Summer of Code(GSoC) . Yes, I had a chance to work with OpenMRS last year also (GSoC 2017). I worked on a project called More Metadata Management in AdminUI1under the valuable guidance of @dkayiwa. So I loved to work with OpenMRS once again for this summer.
Location Based Access Control
Currently, OpenMRS has access control based on the user privileges. So the user needs to have the required privilege to access some of the OpenMRS service.
Anyway, OpenMRS doesn’t have any proper location control for their services. Even anyone from any location can access the metadata in the OpenMRS. Actually, still, they haven’t concerned about the location management inside the OpenMRS. But we should prepare the OpenMRS to support the access control based on the locations. It will add more value to the metadata security also.
What is the solution to restrict the services based on the locations?
OpenMRS has the privilege based access control implementations. Like that one, we need to implement a Location based Access control system. It will manage the access to the services based on the locations.
Some implementations want to register the users and patients (the persons also) in certain selected locations. Then access them based on the location that someone has logged in. That way, if someone is logged in a certain location, they should see only those encounters, observations, and patients registered in that location.
Anyway, the user who has multiple locations access (like Admin in our privilege based access control system) should be able to see patients in all locations. We can allocate multiple locations access to the System Developer or System administrator.
I have started the project. Actually we are busy with project design right now to come up with a proper design for the implementation.