Choosing the Right Confidentiality Protection Method

Quick Answer

Use Method 3 — Safeguarding-Relevant Flag for most routine sensitive cases. It protects clinical confidentiality without breaking registration or appointment workflows.

What Problem Does This Solve?

Some patient information needs extra confidentiality beyond standard role-based access — domestic abuse, sexual assault, mental health, HIV/STD. CCMS provides three protection methods. This guide helps you pick the right one and apply it correctly.

Decision Guide

The three methods differ mainly in scope (whole record vs single entry) and workflow impact (whether registration can still book appointments).

Method	When to Use	Workflow Impact	Recommendation
Method 3 — Safeguarding Flag	Most routine sensitive cases (HIV, STD, domestic abuse, sexual assault, mental-health discretion)	None — registration & appointments unaffected	Start here
Method 2 — Confidential Notes	A specific entry inside an otherwise normal record, where only selected team members should see the content	None — only the note is hidden from non-authorized users	When per-note control is needed
Method 1 — Restricted Record	Court order, protected identity, or other extreme cases	High — registration cannot view, register, or book appointments	Last resort

Decision shortcut

When in doubt, choose Method 3. It covers the majority of sensitive-case needs without disrupting routine clinic operations. Escalate to Method 2 or Method 1 only when you have a specific reason the safeguarding flag is not enough.

Before You Start

Prerequisites

• Understanding of your role-based access in CCMS
• For Method 3: Safeguarding RBA enabled (Doctors, Medical Assistants, Nurses at KKBM)
• For Method 1: Administrator role, or contact Clinic Administrator / ICTSO
• A clear clinical reason for applying the protection — recorded in the notes

Method 3 — Safeguarding-Relevant Flag Recommended

The fastest, lowest-friction option. Apply this to the journal entry containing the sensitive information; users without Safeguarding RBA simply won't see the entry.

1

Document the entry as usual

Write the clinical note in the appropriate journal or clinical node

Make the entry exactly as you would for any other clinical content. Do not change wording, location, or coding to compensate — the flag does the protection.

2

Right-click and mark as safeguarding-relevant

Apply the flag from the journal context menu

1. Right-click the entry in the journal.
2. Select Mark as Safeguarding-Relevant.

Safegaurding relevant

Safegaurding relevant

Safegaurding relevant

3

Save and continue your workflow

The flag is applied — no further action needed

The entry is now visible only to users with Safeguarding RBA. Your normal workflow continues unchanged.

Who can see flagged entries?

At KKBM, Safeguarding RBA is enabled for Doctors, Medical Assistants, and Nurses. Users without this role will not see the flagged entry at all.

Best for

• HIV diagnosis and treatment documentation
• STD consultations and treatment
• Domestic abuse disclosures and interventions
• Sexual assault documentation and follow-up
• Mental health notes requiring discretion

Method 2 — Confidential Notes

Use this when a specific entry needs to be visible only to selected team members — for example, a note that should only be readable by the treating clinician and a named social worker, but not by the rest of the clinic team.

1

Open the patient record

Navigate to the journal where the note will live

Open the patient record and go to New Journal or Tabbed Journal.

2

Add a confidential journal entry

Use the dedicated confidential note option

Choose Add Confidential Note / Confidential Journal Entry. Document the sensitive information in clear, professional language.

3

Assign access to specific users or teams

Restrict to legitimate need-to-know only

Add the named users, teams, or groups that should be able to read this entry. Do not grant access on a "just in case" basis.

4

Save and verify the display

Confirm visibility behaves as expected

Save the note. Authorized users will see the entry as a red journal entry with full content. Other users will see that a confidential entry exists but cannot open the content.

Confidential notes

Visibility behaviour

• Users with access: see a red journal entry with full content
• Users without access: see that a confidential entry exists, but cannot open the content

Method 1 — Restricted Record Extreme cases only

This locks the entire patient record. Only authorized administrators can apply it.

Administrator-only

Only Clinic Administrators or ICTSO can apply a Restricted Record. Contact them with a clear justification before this is considered.

1

Open the patient record

Administrator opens the target record

The administrator opens the patient record that requires restriction.

2

Navigate to security/access settings

Find the restriction control

Go to Administrative Tree → Security/Access settings within the patient record.

3

Enable Restricted Record and define allowed users

Specify who retains access

1. Toggle Restricted Record on.
2. Specify the allowed users / teams.
3. Document the reason for the restriction in the note.

Restricted record

4

Save and notify authorized users

Make sure the small allow-list knows they have access

Save the change. Inform the named users that they are on the allow-list so the patient is not orphaned operationally.

Critical limitation

Registration staff cannot view, register, or book appointments for a restricted record. This breaks routine operations. Reserve for cases like court orders, protected identity, or genuine extreme risk — not for routine sensitive cases.