We develop an application for health institutions. And we have doctors
and nurses using the application. Normally, they only have access to
patients in their department. Then some emergency appears and they may
need access to patients they normally not have access to.
We would like to create a "blue light button" where they gain access to everything if
they provide some reason to invoke this function. And the logging
level is of course raised in these situations.
Is this possible through Visual Guard?
You can create two roles. One would be "normal" and the other "emergency".
You can create all the permissions (or restrictions) linked to the everyday work of the staff, and gather them in the "normal" role.
You can gather in the "emergency" role the permissions (or restrictions) adapted to emergencies.
Each member of staff will be granted both roles and will be able to choose one the other role depending on the situation.
Then, you will be able to decide which actions are logged or not (thanks to the audit features of Visual Guard).
You can log every actions, or only actions performed with the "emergency" role.
You can use permissions with conditions.
In Visual Guard, you can define a condition to decide in which case a permission should apply.
In your context, when needed, the application goes in "emergency mode", then:
- Some actions will be allowed (for example see the file of patients from an other department)
- Some actions will be logged ( for example modification of the file of the patient)
* This solutions allow to avoid the "change role" step (maybe you or your customers prefer to avoid this)
* You do not have to maintain two roles. The " emergency" permissions are granted to the user (nurse or doctor) anyway. The fact the permissions are applied / or not depends on the condition, and not on the role.
* Your application will manage as usual the starting and stopping the "emergency" mode (what you call "blue button")