2021-04-30 Release 95

FEATURES

Pharmacy Module: Added Security Roles Logic

The ControlCheck Pharmacy Module has been upgraded to support strict Security Roles on the Pharmacy Audit page. We have encountered a new use case that required us to re-think how permissions are controlled on the Pharmacy Audit page. The initial version of Pharmacy Audit assumed that all auditors were created equal; the audit page operated under the assumption that any user with access to the Pharmacy Audit page should see all the order and load event data for a particular hospital. The Pharmacy module has evolved and now ControlCheck Manager Users have more flexibility and control over who sees what on the Pharmacy Audit page. Full Access users are unaffected by this update.

In order to make this work and make sense, we had to make the Wholesaler Account Numbers the location of Wholesaler order events. Manager users will now start to see these account numbers showing up in the Location Mapper to be assigned to a department for security role purposes. Managers can create a unique department for each site using the same Pharmacy Module so that the unique department can be assigned to a security role. In the example we will be using, we will create a department called Pharmacy Site 1 to represent a single site.

Next, map all Account Numbers used at Pharmacy Site 1 into the corresponding department by clicking the checkbox next to the Account Numbers in the Location column, selecting the Pharmacy Site 1 department from the Department column, and clicking Map Location(s) to Department.

When new Account Numbers or narc vault locations come in through a source file and are unmapped, the events associated with those locations will be held in pending until the locations have been mapped to a department. Manager users will be alerted of pending, unmapped locations by the red number badge next to the Location Mapper option under the Manage tab.

Non-manager users will be alerted by a yellow banner on the Pharmacy Audit page that pharmacy audit events have been held in processing and that a user with manager permissions needs to map the locations.

Now that the department has been built and locations added, the department is ready to be added to a Security Role. Managers can create a new security role with the Pharmacy Site 1 department on it, or add the department to an existing security role. Users with this security role will only be able to see Pharmacy data for the narc vault locations and account numbers mapped to that department.

Ensure that the security role has the Permission for Pharmacy Audit Page is enabled by clicking the toggle shown below.

Now that the unique security role for Pharmacy Site 1 has been created, Managers can assign the security role to a user's account. Under Account Management, Managers can select the Pharmacy Site 1 security role and add to an existing or new account when created.

The impact of these changes can mostly be felt on the Pharmacy Audit page itself. When a user with Pharmacy Audit permissions navigates to their Pharmacy Audit page, they will only see data that respects the permissions of their assigned security role. Full Access users are unaffected. If a user has access to department X but not department Y, and an event summary contains both departments, then the user will see the event summary.

The filter previously labeled Location is now a Department filter and is scoped to only contain departments available to a user via their security role permissions. Full Access users can use this filter to narrow Pharmacy Audit results for a desired department or site.

A summary of the changes made to Pharmacy Module in this release can be found below. 

•  Pharmacy Audit page data and permissions will now be scoped to Security Role permissions. Because we have the possibility of non-Full Access users using the Pharmacy Audit page today, we had to make some changes to support the rollout of this. Those changes are described below. 
• Full Access users will be unaffected by this change. 
• The Location filter on the Pharmacy Audit page will now be a Department filter. 
•  Wholesaler order events did not previously have a Location. When this release goes out, all order events will be given a Location. The Location will be the Account Number the order event came from; if that value is null in the source file, the Location will be filled as Placeholder Wholesaler Location. 
•  Narc vault events generally have a Location but for ones that do not, they will get the Location Placeholder Narc Vault Location. 
•  Both of these Placeholder Locations will be mapped into a department called Central Pharmacy automatically by ControlCheck when these changes roll out. 
•  The department Central Pharmacy will be automatically added to any security roles where the Pharmacy Audit page is enabled. This is to ensure non-Full Access users of the Pharmacy module retain their access to the data in Pharmacy audit table. 
•  Wholesaler Account Numbers will be treated like Locations which means they need to be mapped into a department. This also means that when a new, unmapped Account Number comes in through a file, it will need to be mapped. Events in that location will be held up until the Location has been mapped.

Added Hospital Name in Event Summary Assignment Email

ControlCheck continues to identify ways to improve the workflow for multi-hospital users. System-level users who perform daily work in ControlCheck for multiple sites can have a confusing experience when receiving the Assigned to an Event Summary email notification. In this release, we added the hospital name to the email notification so that users can more quickly determine what hospital they need to log in to and view their new assigned event summaries, as shown below. Take advantage of this enhancement by setting up inbox filters using the hospital name to ensure your event summary assignment email notifications are housed independently.

Not sure if you are receiving the Assigned to an Event Summary email notification? To double check that you are subscribed to receive this notification, navigate to your Account Settings page, found by clicking the menu under your name. 

Ensure the toggle for Assigned to an Event Summary is enabled. 

Upgrades & Fixes

• Upgraded the processing of provider names from source files to evaluate more information, such as User ID, when determining if two providers with the same name should be merged with all their events together or not. 
• Fixed an issue that was misprinting the System Benchmarks PDF report.
• Fixed an issue with processing files that contain UTF-8 characters.
• Fixed a bug that caused the text on the System Benchmarks Time to Admin and Waste report to be an illegible, light color.
• Fixed a bug that prevented the IRIS natural language from printing on the hover tool for the Med Trends metric when viewing a user’s IRIS scorecard on their Investigation User Portfolio. 
• Fixed a bug in IE11 that was preventing users from assigning event summaries to other users.