Hero Health - EMIS Web Support Guide

What is the role of RBAC activities in managing confidentiality policies?

Care record
Beginner

In EMIS Web, confidentiality policies function as crucial mechanisms to ensure the privacy of patient data by restricting access based on defined user roles. These policies allow access to patient records and data items only for users who are part of a specific work group or hold the necessary RBAC (Role-Based Access Control) activity privileges.

Managing Confidentiality Policies with RBAC

RBAC activities are integral to managing confidentiality policies effectively. They determine which users can apply, remove, or override these policies. To apply a confidentiality policy, users must have the RBAC activity B0080 'Establish Sealing Controls,' while overriding a policy requires the RBAC activity B0070 'Access Patient Sealed Data.'

Users not included in the relevant work group can see that a confidentiality policy exists, but cannot view the sensitive data it protects. This ensures high-level data privacy.

When confidentiality is overridden, notifications are triggered for the original policy applier and organisation administrators, enhancing accountability. These overrides are also audited for further security.

Applying and Removing Policies

Confidentiality policies can be applied to various elements within EMIS Web:

  • Patient's entire records, ensuring sensitive information is not inadvertently shared.
  • Individual items or events, such as specific medical conditions, where access is limited.

To apply or change these settings, navigate through the Confidentiality Policy Manager. Removal and management of these policies are similarly handled, ensuring that only authorised personnel can access pertinent information.

Implementing these confidentiality policies not only protects patient data but allows for streamlined operations within healthcare settings.

Did you know?

Hero Health can enhance patient management through various functionalities such as individual messaging and care navigation. These integrations can ensure that patient interactions remain efficient and secure, aligning with EMIS Web confidentiality standards.

For more information, visit Hero Health's features page.

Category
Care record
Sub category
Settings
Difficulty
Beginner

You might also be interested in...

How do users apply confidentiality policies to patient records in EMIS Web?

Common questions

Frequently asked questions related to this topic

What is the role of RBAC in confidentiality policies in EMIS Web?

Can I assign different confidentiality policies to restrict access to specific groups?

How do you override a confidentiality policy in EMIS Web?

What is Hero Health?

Hero is an EMIS and Systm1 integrated messaging, scheduling and triage solution for NHS GPs. You can think of us as an Accurx alternative, but with more sophisticated appointment booking and more configurable care navigation triage.

Learn more
What Hero does
Video consultations
Individual messaging
Appointment booking
Care navigation & triage
Batch messaging
Security & privacy
Data processing agreement
Privacy policy
Terms and conditions - Legacy
Terms and conditions
Cookies policy
Case studies
Appointment reminders
Care navigation & triage
Appointment reminders
Online booking
Providing solutions for
Community providers
PCN hubsites
GP practices
Partners
GP Triage
Doctaly
Hippo Labs
Engage Health
About Hero
For developersWhats new
Accessibility
Security and privacy
Careers
About Hero
Service statusArticles
EMIS Web Support Centre
AppointmentsPatientsUsing EMISCare recordWorkflowInteroperabilityPrescribing & medication
Resources
Introduction to HeroSupport centreEMIS Web Support - Home
Compare
Hero Health vs. SystmConnect
Hero Health vs. EMIS Consult
Hero Health vs. Sensely AskFirst
Hero Health vs. AskMyGP
Hero Health vs. eConsult
Hero Health vs. PATCHS
Hero Health vs. Anima Health
Hero Health vs. Accurx
Hero Health vs Swiftqueue
Hero Health vs. iPlato
Intuitive triage, appointment booking and messaging for NHS GPs
© 2025 Hero Doctor Ltd. All rights reserved.