Hi there Forum!

I am setting up record access control for a database containing Patients Records.

Scenario: Patient Records can only be viewed by specified Practitioners who have a Practitioner Record. This record contains their particulars as well as a unique Practitioner ID.

Solution: I have created a table called “User Record Access” that has a field called SUBID that relates to the ID of any given Patient Record and the Practitioner ID.

In Security, I have set up a Privilege Set that I allocate Practitioners to which has limited viewing privileges with “Records can be viewed when:”

> Get ( AccountName ) = USER ACCESS CONTROL::Personnel ID

This seems to be working okay for the first record that shows up in the portal, however secondary records onwards do not seem to be recognized as authorized viewers.

I look forward to anyone’s thoughts or suggestions.

Kind regards

Tim

Each Patient record should store the Practitioner ID or there should be a join table btw Patient and Practitioner, storing both foreign keys.

Let's take the more simple design, a patient's record can only be viewed by his assigned Practitioner. So, each Patient record has a field "Practitioner" that stores his assigned PractitionerID. On a Practioner form view, you'd have a portal of his patients (using a relationship matching on PractitionerID).

I would capture the Practitioner's ID into a global field or variable on login. That is, my Open Script would find in Practitioner for Get(AccountName) and then store the found PractitionerID into a global. In the Patient table, I'd create a RLA rule where view is allowed if Patient::PractitionerID = gPractitionerID.

If using a join table, the rule moves to the join table, and the portal on the Practitioner form is based on the join table.

btw, your relationship above is incorrect. You seem to be matching an accountname with an ID.