This module provides a mechanism for filtering persistent data on a configurable and customisable basis. In a nutshell it enforces metadata-based access to users and/or roles.
For instance, out of the box, the module supports location-based and program-based access control to patient records and their clinical data. The initial implementation for those two use cases is restricted to the patients and their visits, encounters and observations.
The data model has been kept simple deliberately such that only two concepts matter: 1) which entity is being restricted by the filtering and 2) on what basis does this filtering restriction operate?
Programfor program-based access,
Locationfor location-based access, ... etc.
There are a couple of end-to-end tests in place showing the module's mechanics, see for instance
We envision adding filtering of other patient clinical data like orders, encounter diagnoses, appointments, ...etc.
We also envision a scenario where another module can leverage this module's functionality to limit access by some other criteria e.g. role-based access.
With that said, we hope to strip the location-based and program-based functionality out of this module leaving it as a very thin lightweight and reusable module purely for data filtering. The location-based access filtering should be moved to the existing Location based access module for instance.
To guarantee proper functionality of OpenMRS, it's highly recommended to install the module by stopping OpenMRS, drop the omod file in the module repository and start OpenMRS again, this also applies to uninstall it, you need to stop OpenMRS, remove the omod from the local module repository and start OpenMRS.