Use Cases Administration/ Security Log Report
- Suni Bek (Unlicensed)
Glossary
1 | EMR | Electronic Medical Record |
2 | MRP | Most Responsible Physician |
3 | OMD | Ontario Medical Documentation |
1. Administration/ Security Log Report
1.1 Summary
1.1.1 Business Need
Defined users:
Super User/Administrator with full rights:
Add/Edit/Delete
Reactivate account
Access to admin part of the OSCAR
Main purpose of Administration/ Security Log Report is:
To complete audit trail of medical records
To make sure that data cannot be altered, removed or deleted
To log all activities (medical and non-medical)
To print Security Log Report
To set default drugref warning level for clinic
1.1.2. Description
Administrator is able to track who has been logging into the Admin screen or regular Log In screen using Security Log Report function and log all activities that have been performed. Administration/ Security Log Report use cases are designed to complete Audit Trail of medical records for a provider/ all providers based on the date range (start/ end). All activities must be logged (ie Log In, update, edit) including date and time, content, keywords, IP address, provider name, etc. and medical records information must be retained. Security Log Report data must not be altered, removed or deleted. User should be able to print Security Log Report and Audit Trail must make sense without having the computer in front of you (all data should be printed and user does not need to verify it again).
Audit trail report must log all add/change/delete operations on non-medical record data (non-medical data includes provider stuff such as add providers, change passwords, role creation/changes, etc.)
User with Admin privileges should have ability to set default drugref warning level for the clinic.
1.1.3. Pre-action requirements/state:
OSCAR McMaster Test Version 12.1, system, and DB are up, configured and working as expected.
1.1.4. Post-action state:
OSCAR McMaster Test Version 12.1 is running and behaving as expected.
OSCAR McMaster Test Version 12.1 has all functionality prior to the change (outside of removing functionality intentionally)
1.2 Flow of Events
This section describes the main flow of the Use Case and system responses.
Generate Security Log report
Num. | Step | Description | System Response | User |
1 | Connect to the OSCAR main page | Launch URL: http://192.168.1.202:8080/Oscar12_1/index.jsp | OSCAR main page with the login is opened | Super User |
2 | Log In | Enter user's valid credentials (User Name / Password/2nd Level Pass code if applicable) | By entering right credentials user is getting system verification acceptance | Super User |
3 | Access Security Log Report | Select Administration Tab → System Reports → Security Log Reports | Security Log Reports page appears in a new window | Super User |
4 | Generate audit trail of medical records | Complete audit trail of medical records | Audit trail of medical records is generated | Super User |
1.2.1 Alternate Flows of Events
This section describes the alternative flow of events based on variations in the main Use Case scenario that still result in a Successful End Condition at completion of the Use Case.
Alternate Flow 1
All activities cannot be altered, removed or deleted
Num. | Step | Description | System Response | User |
1 | Connect to the OSCAR main page | Launch URL: http://192.168.1.202:8080/Oscar12_1/index.jsp | OSCAR main page with the login is opened | Super User |
2 | Log In | Enter user's valid credentials (User Name / Password/2nd Level Pass code if applicable) | By entering right credentials user is getting system verification acceptance | Super User |
3 | Access Security Log Report | Select Administration Tab → System Reports → Security Log Reports | Security Log Reports page appears in a new window | Super User |
4 | Generate audit trail of medical records | Complete audit trail of medical records | Audit trail of medical records is generated | Super User |
5 | Log all activities | Verify that all activities are logged (not just add/delete/modify but also including simply who accessed the data and when) | All activities are logged | Super User |
6 | Data cannot be updated or deleted | Verify that user is not able to alter, remove, or delete Data | User is not able to alter, remove, or delete Data | Super User |
Alternate Flow 2
Medical records info must be retained
Num. | Step | Description | System Response | User |
| Pre-condition | Medical records are available to view |
|
|
1 | Connect to the OSCAR main page | Launch URL: http://192.168.1.202:8080/Oscar12_1/index.jsp | OSCAR main page with the login is opened | Super User |
2 | Log In | Enter user's valid credentials (User Name / Password/2nd Level Pass code if applicable) | By entering right credentials user is getting system verification acceptance | Super User |
3
| Access Security Log Report | Select Administration Tab → System Reports → Security Log Reports | Security Log Reports page appears in a new window | Super User |
4 | Generate audit trail of medical records | Complete audit trail of medical records | Audit trail of medical records is generated | Super User |
5 | Verify Medical records information history | Verify that Medical records info are retained | Medical records info are retained | Super User |
Alternate Flow 3
Security Log Report is printable
Num. | Step | Description | System Response | User |
1 | Connect to the OSCAR main page | Launch URL: http://192.168.1.202:8080/Oscar12_1/index.jsp | OSCAR main page with the login is opened | Super User |
2 | Log In | Enter user's valid credentials (User Name / Password/2nd Level Pass code if applicable) | By entering right credentials user is getting system verification acceptance | Super User |
3 | Access Security Log Report | Select Administration Tab → System Reports → Security Log Reports | Security Log Reports page appears in a new window | Super User |
4 | Generate audit trail of medical records | Complete audit trail of medical records | Audit trail of medical records is generated | Super User |
5 | Print Security Log Report | Verify that Security Log Report is printable | Security Log Report is printed | Super User |
6 | Printed audit trail contains user readable records | Verify that printed audit trail must make sense without having the computer in front of you (all data should be printed and user does not need to verify it again) | Printed audit trail must make sense without having the computer in front of you | Super User |
Alternate Flow 4
Non-medical data includes provider's actitvities
Num. | Step | Description | System Response | User |
| Pre-condition | Non-medical records are available to view (add, change passwords, role creation/changes, etc) |
|
|
1 | Connect to the OSCAR main page | Launch URL: http://192.168.1.202:8080/Oscar12_1/index.jsp | OSCAR main page with the login is opened | Super User |
2 | Log In | Enter user's valid credentials (User Name / Password/2nd Level Pass code if applicable) | By entering right credentials user is getting system verification acceptance | Super User |
3 | Access Security Log Report | Select Administration Tab → System Reports → Security Log Reports | Security Log Reports page appears in a new window | Super User |
4 | Generate audit trail of non-medical records | Complete audit trail of non-medical records | Audit trail of non-medical records are generated | Super User |
5 | Verify non-medical records information | Verify that non-medical data includes provider activities and non-medical records info is available to view | Non-medical data includes provider activities and non-medical records info is available to view | Super User |
Alternate Flow 5
Set default drugref Warning Level for clinic
Num. | Step | Description | System Response | User |
1 | Connect to the OSCAR main page | Launch URL: http://192.168.1.202:8080/Oscar12_1/index.jsp | OSCAR main page with the login is opened | Super User |
2 | Log In | Enter user's valid credentials (User Name / Password/2nd Level Pass code if applicable) | By entering right credentials user is getting system verification acceptance | Super User |
3 | Access Facilities page | Select Administration Tab → System Management → Manage facilities | Facilities page appears in a new window | Super User |
4 | Set up Drugref warning Level for Clinic | Verify that default drugref Warning Level for clinic can be set | Default Interaction Warning Level for clinic is set
| Super User |
1.2.2 Exception Flows of Events (Negative)
N/A