INTERNAL: BTG Settings, User Management Settings & Related Account Settings

11/24/2024 7:29 am EST

BTG Notification and Audit Logs

When a DrChrono employee breaks the glass (BTG) into a customer's account, a notification is shown on the DrChrono website and also on mobile. This activity will also now be tracked in Audit Logs.

A blue label is displayed in the top right to show when an employee BTG into someone's account. The message says, “DrChrono accessed your account”. This is also a link that takes a user to the Audit Logs page when clicked on. It will persist until the user clicks on it and goes to the Audit Logs. This acts like an unread message until the user clicks on it.

When a user mouses over the notification it says, “DrChrono accessed your account to investigate an issue. To view details, click here to go to the Audit Logs and filter by DrChrono Access.

The audit log will record:

  • The username of the person breaking the glass
    • This will display as "DrChrono Employee" for DrChrono employees, instead of using the employee's name
  • The reason for breaking the glass
    • Instead of logging the action as "Break the Glass," customers will be shown "DrChrono Access"
  • The IP address
  • Any changes the DrChrono employee makes to the account

break-the-glass-notification2.png

BTG & User Management Lockdown: User Access

When a DrChrono Employee BTG into a customer account, the following options in the customer’s account will be disabled:

  • Account > Staff Members:
    • Disable the ability to Add Staff Members
    • Disable the ability to Remove Staff Members
    • Disable the ability to Edit Staff Members
  • Account > Provider Settings:
    • Disable Password Field
    • Disable Email Address field (new HIPAA feature)
  • On hover of any disabled field, display the message "Disabled when in BTG"
  • In the STAGING environment, these fields will still be enabled

User Management Lockdown: User Management Page

In Swords > User Management, the following will be removed:

  • Remove Deleted Staff Member” button

  • Delete Staff Member” button

There is no longer an ability to remove a deleted staff member or delete a staff member from a customer's account.

image-20230412-184148.png

The new user management page will not have the above settings.

user-management.jpg

DrChrono EHR Account Settings

Additions:

  • Customers will be allowed to change the email address they used to sign up for the account

  • The “Password” field will be disabled during BTG so it can't be changed

Changes:

  • A tooltip next to the "First Name" field that says: “Changing your name can affect drug prescriptions & clinical notes. If you need to change your name, please contact DrChrono support for more details.

Related Articles

Was this article helpful?
Thank you for your feedback!
Copyright © DrChrono by Everhealth LLC. All rights reserved.