Permissions to access Order Entry UI functionality

Hello everyone, I have added order entry module and created orders through it. But I am only able to access order entry module functionality when I am logged in with admin.

but not able to access this functionality when I logged in with some other user.

So what are permissions or roles that I need to assign to user so that he can access the functionality.

Thanks in advance.

I am having the same issue: Order Entry UI works for users with the role “Application: Has Super User Privileges” but does not work for my Clinician users. However: If I am logged in as a clinician user and I manually edit the URL to go to the order entry page, I am able to enter orders. Thus the problem seems to be specifically that the link to the order entry page does not show on the dashboard unless you are a Super User.

Other information which might be helpful: I have a global property orderentryowa.encounterRole with value Clinician.

I have an Encounter role with the name Clinician.

I have an Encounter Type order entry with Edit Privilege = “Edit orders” and View Privilege = “View orders”.

My clinician user has the following roles:

  • Application: Edits Existing Encounters
  • Application: Enters ADT Events
  • Application: Enters Vitals
  • Application: Manages Provider Schedules
  • Application: Records Allergies
  • Application: Registers Patients
  • Application: Requests Appointments
  • Application: Schedules And Overbooks Appointments
  • Application: Schedules Appointments
  • Application: Sees Appointment Schedule
  • Application: Uses Capture Vitals App
  • Application: Uses Patient Summary
  • Application: Writes Clinical Notes
  • Privilege Level: Full

Privilege: Full has lots of privileges, but the ones pertaining to orders seem to be:

  • Privilege Level: Full Add Orders
  • Privilege Level: Full Delete Orders
  • Privilege Level: Full Edit Orders
  • Privilege Level: Full Get Order Frequencies
  • Privilege Level: Full Get Order Set Attribute Types
  • Privilege Level: Full Get Order Sets
  • Privilege Level: Full Get Order Types
  • Privilege Level: Full Get Orders
  • Privilege Level: Full Manage Order Frequencies
  • Privilege Level: Full Manage Order Set Attribute Types
  • Privilege Level: Full Manage Order Sets
  • Privilege Level: Full Manage Order Types
  • Privilege Level: Full View Order Types
  • Privilege Level: Full View Orders

This user is a provider, and the provider role is set to Clinical Doctor. Setting the global property orderentryowa.encounterRole to value Clinicial Doctor makes no difference.

Any idea what might be missing?

I think I’ve figured it out. The answer is actually given here:

… but for the next person who finds this thread:

You need a privilege named ‘App: orderentryui.drugOrders’ and you need to assign this privilege to an appropriate role. In my system, the users have the role ‘Application: Uses Patient Summary’ so I used the following commands in the database:

insert into privilege values ('App: orderentryui.drugOrders', 'Allows access to order entry page', 'c696ddf8-0fe5-11ec-9f95-005056bc15d1');
insert into role_privilege values('Application: Uses Patient Summary','App: orderentryui.drugOrders');

There’s probably a way to do that via the UI as well, but I like SQL, so that’s how I solved it.

Turns out the solution I posted above does not survive a reboot.

This part works:

insert into privilege values ('App: orderentryui.drugOrders', 'Allows access to order entry page', 'c696ddf8-0fe5-11ec-9f95-005056bc15d1');

… but the privileges for the ‘Application: Uses Patient Summary’ role appear to be reset on reboot. So now I’ve replaced that with:

INSERT INTO `role` VALUES ('Application: Order Entry','Able to enter orders','670a59c5-6170-42ff-b757-e70affc49c6b');

INSERT INTO `role_privilege` VALUES ('Application: Order Entry','App: orderentryui.drugOrders');

INSERT INTO `role_role` VALUES ('Privilege Level: High','Application: Order Entry');

INSERT INTO `user_role` VALUES (20,'Application: Order Entry');

(the last one needs to be repeated for each user_id that needs access).