Completed Procedure Edit Security

[galligan]

I have recently implimented the security setting of disallowing employees to edit completed procedures. However, my real goal was to prevent completed procedures from being deleted. Does anyone have any advise regarding the prevention of employees deleting a completed procedure while still allowing them to edit minor goofs and inputing notes after the procedure has been set complete? Is my goal of only disallowing the deletion of procedures flawed...is their further significant cause for alarm by letting non-mgmt. staff edit other aspects of a completed procedure? I have the Microsoft Windows security settings to disallow staff from deleting files from our administrative Windows based office files. Can or should I set up a similar file-deletion security to disallow file deletion in the OD data folder (Y drive) on our server and leave the OD security setting to allow editing? I have no knowledge of programming...Is a certain file created (that I can protect from deletion) in the data folder to represent the change to "completed"?

[nathansparks]

There is absolutely no connection between file user permissions, database user permissions and OD program user permissions. Three sets of users, three sets of permission, no relationships. Now to your issue. When a procedure is deleted, it is simply marked as deleted, it is not really deleted. While you explained what you want, you did not explain why. That might help me, I do not get what you are trying to prevent. 'Preventing deletion of procedures' is not what I mean. I mean WHY? What consequence(s) is(are) there (specifically)

[jordansparks]

Deletion is one form of editing. So the same permission that prevents editing prevents deletion. You might set it to 1 day if you really want it tight. We will probably add a separate permission later for deletion. I think it's already a feature request.

[galligan]

Thank you both for your replies...

Nathan, my intent is to prevent the deletion of a procedure that occured in the past as an embezzlement prevention. The scenario I've envisioned is monetary collection for a procedure that occured a month ago, delete the procedure, pocket the money. The procedure disappears from the aging report afer deletion. Editing would allow the employee to zero the balance but the procedure would remain and could be detected by running a report that lists ADA coded procedures with $0 fees. Does anyone have another report or method to audit such a scenario? It was mentioned to use random backups to monitor changes by comparing realtime info. to saved backup info....what are some of the suggested key reports to compare for embezzlement/fraud protection?

Jordan, the allow edit for one day...seems like I will need to update the "date" for this feature everyday to continue allowing "today only" editing, am I wrong about this? Allowing editing/deletion of todays procedures only will work well for my security concern, but hopefully, it can be automated.

[jordansparks]

No, you won't have to change the date every day. You have the option of using a date OR a number of days in the past. I'm not talking about the global lock date, but instead about the options within the procedure edit permission itself. Also, in newer versions of Open Dental, you can do the same thing with the global lock date.