Ansicht
Dokumentation

ISH_MISC2: Pseudonymization (New) ( RELNISH_605_ISHMISC2_PS0 )

General Data in Customer Master   ABAP Short Reference  
This documentation is copyright by SAP AG.

Short text

ISH_MISC2: Pseudonymization (New)

Use

As of SAP Enhancement Package 5 for SAP ERP 6.0, Industry Extension Healthcare (IS-H 605), Business Function SAP Patient Management Legal Process Adoption 2 (ISH_MISC2), the following applies:

• You can enter pseudonymized patient master data in addition to the original patient master data.

• You can restrict access to original patient master data using authorizations.

Pseudonymization is available for the following products:

• SAP Patient Management

• SAP Ambulatory Care Management

Pseudonymization is available for the following country versions:

• Germany

• France

• Italy

• Canada

• Netherlands

• Austria

• Switzerland

• Spain

Further information about new country-specific features for pseudonymization are available in the country-specific release notes.

Patient Master Data That Can Be Pseudonymized

You can pseudonymize all patient data apart from the following exceptions:

• You can only pseudonymize one address.

• You cannot pseudonymize the telex number.

• You can only pseudonymize one telephone number.

• You can only pseudonymize one e-mail address.

Note: You can exclude individual fields from pseudonymization using screen modification (for example, birthdate and sex: see also special notes for groupers).

Standard System Behavior

The system behaves as usual for non-pseudonymized patients.

In the case of pseudonymized patients, the system behavior is generally determined by the user's authorizations:

• If the user has authorization to access original patient master data, they can view this data throughout the system.

• If the user does not have authorization to access original patient master data, they can only view the pseudonymized patient master data (with a few exceptions, which are described below under Exceptions).

For more information about the available authorization objects and their effect on system behavior, see Authorization Objects.

The standard system behavior described here also applies to the following areas in particular:

• Business Intelligence data extraction

• Business Application Programming Interfaces (BAPIs)

• Business Add-Ins (BAdIs)

• Enterprise Services

• Grouper connection

• Patient accounting transactions

We recommend that you restrict access to the patient accounting transactions to certain user groups (using transaction authorization). You should also authorize the relevant user groups to access original patient master data (for more information, see the release note ISH_MISC2: New Authorization Objects for Pseudonymization (New).

Exceptions

There are some areas where the standard system behavior described above does not apply:

• Connection to Financial Accounting

The system only creates customers for self-payers in background processing if the user has authorization to access original patient master data.

The system locks direct navigation from the view of a self-payer insurance relationship in SAP Patient Management to the corresponding customer in Financial Accounting if the user does not have authorization to access original patient master data.

• Open items

The system prevents any jumps to the list of open items if the user does not have authorization to access original patient master data.

• Insurance relationships

If the user does not have authorization to access original patient master data and the patient has pseudonymized patient master data:

• The system displays pseudonymized self-payer data for the self-payer insurance relationship

• The system displays pseudonymized master data for the third-party payer for the pseudonymized third-party payer

• The system does not allow you to display or maintain the data of main person insured for a pseudonymized patient.

• The system displays any alternative invoice recipients that exist.

• The system displays original data for a pseudonymized third-party payer if their data is stored in an institution other than that of the patient.

If the user does not have authorization to access original patient master data and the patient does not have pseudonymized data, the system displays the original master data for a pseudonymized third-party payer.

You can only pseudonymize a third-party payer if they are recorded as a patient in SAP Patient Management.

• Copayment/Down Payment

Users who do not have authorization for original patient master data can still enter a copayment or down payment. However, the system suppresses display of the text for the document item, since it could contain elements of patient master data. The system always transfers original patient master data to Financial Accounting in the text of the document item.

• EDI

The EDI communication procedures always transfer original patient master data.

This means the transactions for displaying message content will also always display original patient master data. The system therefore does not check the authorization objects for pseudonymization in this case. However, you can restrict access to these transactions using transaction authorization.

• Communication in SAP Patient Management: HCM component

In the HCM component, you can configure the desired system behavior according to the recipient system. You can either always transfer original patient master data or pseudonymized master data to a recipient system. You can specify which is to be the case in Customizing for SAP Healthcare - Industry-Specific Components for Hospitals under Communication -> Partner Systems -> Maintain System Attributes.

• Forms

See release note ISH_MISC2: New Features in Form Printing (New).

• Country Version Germany

See release note ISH_MISC2: DE: Pseudonymization (New).

For more information about these exceptions to system behavior, see the corresponding sections of this release note, or the separate release notes for these topics.

Functions in Customer-Specific Developments

The standard system behavior described above also applies in principle to functions in customer-specific developments. However, this is only the case if you use the standard SAP APIs to access patient master data (for example, function module ISH_READ_NPAT).

If you access tables directly in your customer programs (for example, table NPAT), you skip the authorization checks for pseudonymization.

Note:

• The following tables contain the original patient master data:

• NPAT

• NADR

• BUT000

• ADRC

• NPNT

• Table NPSPAT contains pseudonymized patient master data.

Special Notes

General

If the user does not have authorization to access original patient master data, the system processes the pseudonymized data. This allows you to influence dependent processes (for example, when a different sex is transferred to a grouper or a service rule takes a pseudonymized birthdate into account). This release note describes the dependent processes as far as possible. We generally recommend that you make sure that users who use dependent processes that require information from patient master data and the patient address have authorization to access original patient master data.

It is easier to implement the pseudonymization function if you give all users access to original patient master data (thus avoiding problems with the dependent processes) but only give certain user groups the authorization to include original patient master data in the patient search. This makes it more difficult to find pseudonymized patients but does not restrict the actual processing function.

Entry of Data on Main Person Insured

You can enter main person insured data for a patient who has not been pseudonymized. It may be that the main person insured is himself a pseudonymized patient. In this case, the system searches for patients as the main person insured in accordance with the user's authorization; that is, according to whether or not they are authorized to search for original patient master data for pseudonymized patients. When transferring patient master data for the main person insured, the system behavior also corresponds to the user's authorization.

Groupers

You can pseudonymize patient master data that is grouper-relevant in some countries (for example, sex and birthdate). When transferring this data to a grouper, the system behaves as described under Standard System Behavior. This means if data transfer to the grouper is performed by a user who does not have authorization for original patient master data, the grouper result may be incorrect.

Recommendation: We recommend assigning the authorizations for original patient master data to all users who are responsible for transferring data to a grouper.

Note: If you exclude the grouper-relevant fields from pseudonymization using screen modification, this can lead to errors. For example, the system copies the birthdate and sex from the original patient master data the first time it creates pseudonymized patient master data (even if you have defined a screen modification so that these fields are hidden), but does not update these entries afterwards to reflect any changes to the original patient master data.

Merge Patients

You can also merge two patients if one or both are pseudonymized. When you do this, the system retains the pseudonymized master data of the patient who remains active. If the only pseudonymized patient is the one who is being deactivated, the system does not copy this pseudonym. The system does not check pseudonymization-relevant authorizations during patient merging.

Handling of Electronic Cards

The system handles electronic cards for pseudonymized patients as described under Standard System Behavior; that is to say, the system behavior depends on the user's authorizations. The user requires authorization to access original patient master data in order to search for a pseudonymized patient by their electronic card. However, you should check whether the release note on this topic for your country version contains additional information for the electronic cards used in your country.

Pseudonym Field

The old Pseudonym field in patient master data maintenance still exists for reasons of upward compatibility but has no connection with the new pseudonymization function.

New Change Documents for Pseudonymized Patient Master Data

The system documents changes to pseudonymized patient master data in change documents (object class NPSPAT). You can display these change documents, for example, using report RSSCD100. They cannot be displayed directly from the Clinical Process Builder (transaction NV2000).

Effects on Existing Data

Effects on Data Transfer

Effects on System Administration

Effects on Customizing

You can activate or deactivate pseudonymization client-wide in Customizing for SAP Healthcare - Industry-Specific Components for Hospitals under Basic Settings -> System Parameters -> Maintain Client-Specific Basic Control. It is not activated as standard. If you deactivate the pseudonymization function again later, the pseudonymized patient master data remains in the system but no longer affects system behavior.

Further Information

For more information about pseudonymization, see:

• ISH_MISC2: New Features in the Clinical Process Builder (NV2000) (New)

• ISH_MISC2: New Features of the Patient Search (New)

• ISH_MISC2: New Authorization Objects for Pseudonymization (New)

• ISH_MISC2: New Features in Form Printing (New)

• ISH_MISC2: AT: Pseudonymization (New)

• ISH_MISC2: CH: Pseudonymization (New)

• ISH_MISC2: DE: Pseudonymization (New)

• ISH_MISC2: IT: Pseudonymization (New)

rdisp/max_wprun_time - Maximum work process run time   Addresses (Business Address Services)  
This documentation is copyright by SAP AG.

Length: 16023 Date: 20240602 Time: 113231     sap01-206 ( 231 ms )