Author: admin

Firefix update breaks Oscar access

A recent Firefox update (v 38) will block access if certain security settings are not in place.
If you try to login to Oscar and get:
Error code: ssl_error_weak_server_ephemeral_dh_key
then you need to update /etc/tomcat6/server.xml

You should add the ‘ciphers’ section.

<Connector port=”8443″ maxHttpHeaderSize=”8192″
maxThreads=”150″ minSpareThreads=”25″ maxSpareThreads=”75″
enableLookups=”false” disableUploadTimeout=”true”
acceptCount=”100″ scheme=”https” secure=”true” SSLEnabled=”true”
clientAuth=”false” keystoreFile=”/pathto.keystore” sslProtocol=”TLS”
ciphers=”TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA” />

After saving the change, just restart tomcat6.
sudo service tomcat6 restart

Updating DrugRef problem – solved

A client asked me to add a few new medications to their Oscar drugref database.
Sounded easy enough. There is an Admin function for that: Update DrugRef.

I checked on a more recent installation and the new medications were listed. (Neupro).

They were originally setup with v10 and are now running v12.1 build tag: Oscar12_1-3.1general169

I ran the Admin, Update Drugref, assuming that the program would download the latest Health Canada database and update the Oscar drugref database.

Unfortunately, the result was complete deletion of all data in the drugref database and zero meds.

The solution: I updated the DPDImport.class that contains the URL of the DrugRef database.

It can be found in:
/var/lib/tomcat6/webapps/drugref/WEB-INF/classes/org/drugref/ca/dpd/fetch/DPDImport.class

I just replaced the file with a more recent version and re-ran the DrugRef update.

It seems that the location of the file has changed from:
http://www.hc-sc.gc.ca/dhp-mps/prodpharma/databasdon/txt/allfiles.zip

to:
http://www.hc-sc.gc.ca/dhp-mps/alt_formats/zip/prodpharma/databasdon/allfiles.zip

I don’t know when the Health Canada database was moved, but if you have the same problem and your version of Oscar is from about July/August 2013, you may have the same problem.

You can confirm the problem by examining the DPDImport.class file.

The URL can be located within the file and checked. If it is pointing to the old location, then you have the same potential problem. An Admin user can do the update and erase all the medications.

More information on the Health Canada database at:
http://www.hc-sc.gc.ca/dhp-mps/prodpharma/databasdon/dpd_bdpp_data_extract-eng.php

Automatic signing of Prescriptions

The automatic signing of Prescriptions is allowed in Quebec.  I have installed the change at a clinic and we have gotten a minor amount of push-pack from some pharmacists.

The solution was an ink stamp with the clinic name.  Unfortunately, this does not work if faxing the Rx, but is fine if the patient is taking it with them.

The modification also adds the following small print to the Rx:

Certification du prescripteur / Prescriber's certification</br>
Je certife que:  cette ordonnance est une ordonnance originale; le pharmacien pr&eacute;cit&eacute; est le seul destinaire; l'original ne sera pas r&eacute;utilis&eacute;.</br>
I certify that: this prescription is an original; the listed pharmacist is the only destination; the original will not be reused.

1) Make sure license# is entered in Provider.CPSID# field

2) Need to change the following program (make a backup first):
cd /var/lib/tomcat6/webapps/Oscar12_1/oscarRx
sudo cp Preview2.jsp Preview2-20130427.jsp
sudo nano /var/lib/tomcat6/webapps/Oscar12_1/oscarRx/Preview2.jsp

3) Create .gif file with signature.
Copy into the following folder:
/var/lib/tomcat6/webapps/Oscar12_1/images/prov-license#.gif
sudo chown tomcat6:tomcat6 prov-*
Note: license# is the provider license number.

As soon as the Rx is saved, the signature is filled in.  The usual signature box can be used to override the signature.

Creating new Users, logins and assigning Roles

The procedure to add new users requires 3 steps.  I have written some notes to ensure that there are no problems.

Menu: Admin, Provider

Use Search/Edit/Delete Provider Records to find a free provider number.

Note: for providers that will appear on the appointment screen, the order of appearance will be the order of their alphabetic provider code.  ( 1000, 111, 1200, 15 )

1) Add Provider
Need provider number, first name, last name

Role: Doctor or Receptionist.  If you want the provider to be able to view the patient records, then set the role to Doctor.

2) Menu: Admin, Security, Add a Login Record
need loginname, Password, PIN
eg. Student1 , Student01 , 0124

loginname: I usually use the lastname and an initial for the loginname.  This makes it much easier to find a login later, if you need to reset the password or delete the loginname.

Password: It must be a mix of Uppercase, lowercase and numbers.  I typically use something like LastF1234, where Last is part of their lastname, F is the first letter of their firstname and 1234 is their favorite 4 digit number.  I use the same 4 digit number for their PIN.

Make sure you match the login record to the correct Provider number.
Expiry Date: check and select a date about 2 yrs (or less) in the future.

3) Menu: Admin, Security, Assign Role to Provider
Select role depending on their job description, then click on ‘Add’.

 

More notes on roles coming soon…

 

Hylafax Installation for Oscar

Hylafax is a great, reliable fax server. It works with almost any fax modem. The main web page is at www.hylafax.org

Oscar instructions cab be found at: http://oscarmanual.org/oscar_emr_12/developers/hylafax/hylafax

I’ve installed another Open Source program that does OCR. It’s called tesseract-ocr code.google.com/p/tesseract-ocr/

To install hylafax just type: sudo apt-get install hylafax-server

sudo faxaddmodem
ttyS0 is the default serial modem
ttyACM0 is used for USB modems

sudo adduser [faxuser] uid=1002 pass=faxpass
faxadduser -a [adminpass] -p [userpass] -u [uid] [username]

Now, once hylafax has saved the incoming fax as a .tif image, I generate a .pdf AND a .txt file containing the OCRed data.

Ubuntu notes:
/var/spool/hylafax/bin/faxrcvd processes incoming faxes.
/var/spool/hylafax/bin/tiff2pdf can convert .tif files to .pdf
/var/spool/hylafax/recvq is the folder that contains the incoming faxes (in .tif format).
/var/spool/hylafax/log contains the log of each call.
/var/log/hylafax contains the program logs

Configuration:
/etc/hylafax/config.ttyS0 – has parameters for the modem on COM1:
AreaCode: 514
FAXNumber: +1.514.555.1212
RecvFileMode: 0600 is the default for the received file mode. I change it to 0644
LocalIdentifier: Oscar Fax Machine

Customization:
/var/spool/hylafax/etc/FaxDispatch is where you can add code to convert and/or redirect the incoming faxes. It is called from the faxrcvd script.

The following can be added to FaxDispatch to automatically convert incoming faxes (.tif) to adobe (.pdf)
if [ -f $FILE ]; then
/var/spool/hylafax/bin/tiff2pdf -o ${FILE}.pdf $FILE
chmod 644 ${FILE}.pdf

fi

Client software:
If you want to view the incoming faxes or use Hylafax to send faxes, there are a number of Hylafax compatible clients that you can use. On my Windows Vista PC, I am currently using YajHFC (Yet another java Hylafax Fax Client). Since this is a Java client, it should also work on Linux and Mac.

Another simpler option is to make the incoming fax folder shared (using Samba) and allow access to the folder.

Links:
edoceo.com/liber/network-hylafax-samba

Translating Oscar

Oscar is multi-lingual. You just need to change the language in your browser and Oscar will switch to that language.

Note: Each language has a file containing text for that language. For Oscar 12 in french, the file is:
/var/lib/tomcat6/webapps/Oscar12_1/WEB-INF/classes/oscarResources_fr.properties

Currently 5 files exist:
en (English), es (Spanish), fr (French), pl (Polish) and pt_BR (Brazilian Portugese).

Checking Hylafax status

Oscar v12 has a feature to check the status from the Admin menu. Admin, Misc, Fax Status

If that doesn’t work, or if you want to do it manually, here is the procedure:

1) start putty
2) login to server
3) check status: sudo faxstat
If you do not see the message from step 5), continue to 4)
If the server is Running and idle, then the problem is not the server.

4) restart hylafax: sudo service hylafax restart
5) check status: sudo faxstat
Server should answer: HylafaFAX scheduler on servername: Running
Modem ttyUSB0 (+1.514.555.1234): Running and idle

6) exit

Adding Appointment types problem

If you want to enable the Appointment type pull-down in the Appointment screen, you have to change the multisites flag in the properties file to multisites=on.

Once you restart tomcat, all your existing appointments will disappear!

That’s because the old appointments have no locations. Don’t ask me why the multi-sites feature is related to appointment types.

You need to add a Site in the Admin, Misc, Satellite-sites Admin.
Once you have a site setup, you need to update all the appointment records that have no location.
UPDATE APPOINTMENT SET LOCATION = 'SiteName' WHERE LOCATION = '' ;

SiteName should be one of the sites you created.

Dynamic DNS setup with DNS2GO

Many locations have IP addresses that get changed frequently.  In order to be get remote access to your Oscar server, you need to install a Dynamic DNS client.  This can be on a workstation, router or server.  The workstation is probably easiest, but the workstation must always be on.  Router installation is good, but not supported by all routers.

I use DynDNS and DNS2GO. This post describes setting up the DNS2GO client on the Oscar Ubuntu server.  This was done for Ubuntu 12.04 and 13.10 servers.

Download Debian client from http://www.deerfield.net/download/dns2go/linux/index.htm and save in home folder.

For Ubuntu/Debian, use dns2go-2.0.tar.gz

Unzip file
tar -zxvf dns2go-2.0.tar.gz

Change to unzipped directory
cd dns2go-2.0

Check for location of libc library (see below)
find | grep libc.so.6

Install the DNS2GO client
sudo ./INSTALL.sh

Error – Could not find glibc library
Solution: change INSTALL.sh to check current location of libc library (see below)
for Ubuntu 13.10 /lib/x86_64-linux-gnu/libc.so.6

This will run the installer for the DNS2Go client and copy all necessary files to the correct locations. The executable is installed in /usr/local/bin, documentation in /usr/doc/dns2go-2.0, manual pages in /usr/local/man and conf file in /etc/dns2go.conf

To finish the installation, type:
sudo /usr/local/bin/dns2go

You will be asked if you want to create the dns2go.conf file, select Yes.
You will now be asked if for your domain name and registration key (if you do not have your key, do not run this yet).

eg. myclinic.dns2go.com

Add program ( /usr/local/bin/dns2go ) to /etc/rc.local to execute automatically when the server starts
sudo nano /etc/rc.local
/usr/local/bin/dns2go

Revised ~/dns2go-2.0/INSTALL.sh
#!/bin/sh
#
# Installation shell script, read INSTALL for details
#
echo " "
BINDEST=/usr/local/bin
DOCDEST=/usr/doc/dns2go-2.0
MANDEST=/usr/local/man
# select the architecture
case `uname` in
OpenBSD)
ARCH=OpenBSD
;;

FreeBSD)
ARCH=FreeBSD
;;

Linux)
ARCH=Linux
;;

*)
echo "Unrecognized version: Installing Linux binary"
ARCH=Linux
;;
esac

# If Linux, check for glibc library
if [ $ARCH = "Linux" ] ; then
if [ -f /lib/libc.so.5 ] ; then
ARCH=Linux/libc.so.5
elif [ -f /lib/i386-linux-gnu/libc.so.5 ] ; then
ARCH=Linux/libc.so.5
elif [ -f /lib/libc.so.6 ] ; then
ARCH=Linux/libc.so.6
elif [ -f /lib/i386-linux-gnu/libc.so.6 ] ; then
ARCH=Linux/libc.so.6
elif [ -f /lib/x86_64-linux-gnu/libc.so.6 ] ; then
ARCH=Linux/libc.so.6
else
echo "Error - Could not find glibc library";
exit -1;
fi
fi

echo " "
echo "Copying files..."

mkdir -p ${BINDEST} 2>/dev/null
cp ${ARCH}/dns2go ${BINDEST}/dns2go
chmod 755 ${BINDEST}/dns2go
mkdir -p ${MANDEST}/man1 2>/dev/null
cp dns2go.1 ${MANDEST}/man1
chmod 644 ${MANDEST}/man1/dns2go.1
mkdir -p ${MANDEST}/man5 2>/dev/null
cp dns2go.conf.5 ${MANDEST}/man5
chmod 644 ${MANDEST}/man5/dns2go.conf.5
mkdir -p ${DOCDEST} 2>/dev/null
cp README ${DOCDEST}
cp INSTALL ${DOCDEST}
cp LICENSE ${DOCDEST}
cp USAGE_POLICY ${DOCDEST}

echo " "
echo "DNS2Go unix client version 2.0 is installed"
echo " "
echo "The README is recommended for users upgrading from 1.x."
echo "Manual pages for dns2go and dns2go.conf are available."
echo "/usr/local/bin/dns2go -h is also useful."
echo " "
echo "Thanks for using DNS2Go from Deerfield.com"
echo " "