What privacy and access restrictions apply to NRL Consumer functionality - i.e., is the expectation that clinicians either have no access to the NRL Consumer functionality or ‘full access’, meaning an unfiltered view of search results and access to all document content?
The National Record Locator permissions model limits which pointer types a consuming end user organisation can consume.
We mandate that consuming applications ensure end users are authenticated to AAL2 or higher.
Consuming applications can put further controls in place. Access does not have to be “all or none.” Role-based access controls (RBAC) can be applied at different levels. For example, for the National Care Record Service (NCRS), users with RBAC role B0268 can view pointer information (such as document dates, custodians, and types) but cannot retrieve the actual document (this is typically given to admin staff), whereas users with RBAC role B0269 can access the full document (this is typically given to clinical staff).
It is your responsibility to implement appropriate restrictions for staff members or classes of staff members, ensuring they have access only to the data they need.