Client Privacy Settings on the Client level
Clarity would be so much more robust and flexible if client privacy settings were tied to the client and not the agency. Our community offers clients the ability to revoke consents. We also import data from another system so we are forced to choose between database health (client matching on) or client privacy. All of these issues would be resolved if client privacy was set at the client level vs. the agency.
Noah Frigault commented
We're with an agency that provides both supportive housing and on-site case management services. It is critical that we protect sensitive information on the case management side internally, especially HIPAA-protected medical information.
Joshua Kramer-Jensen commented
To expand on this, currently, client privacy is tied to the Agency which created the client. Private clients can only be associated with one agency, and clients with data from multiple agencies cannot be changed to private. Clients with data in multiple agencies must be duplicated, which breaks cross-agency reports, as the duplicated client will show up as multiple individuals.
These issues could be resolved by a Client Privacy Setting that restricts access to a client record based on the agencies it is currently associated with.
For example, a client is enrolled with AgencyA and AgencyB, then revokes sharing permission. Enabling the proposed privacy setting for the client would cause them to be visible only to these agencies. If the client were then enrolled with AgencyC, a new client record would need to be created, as the original is not visible to AgencyC. This record could then be merged with the original, private client by an Admin, and would then only be visible to AgencyA/AgencyB/AgencyC.
Matan BenYishay commented
Or confidential programs as well!