Adding/Editing Security Profiles

Defining a Security Profile

1. Select Data Maintenance > System and Security > Security Profiles from the Main menu. The Edit Security Profiles screen will appear.
2. Enter a Profile ID, up to 20 characters in length (e.g., Front Desk). This field is required.
3. Enter a Description (name), up to 40 characters. This field is required.
4. Assign the appropriate access to each level of security.
1. Click the corresponding option—None, Full or Read-only—to assign rights to a category of operations. The rights assigned to a category are indicated by blue text (e.g., (None), (Mixed), or (Full).
2. Expand a category to expose the individual operations and then click the word None: A drop-down will appear. Click the menu to display the available options and then make your selection.
NOTE – If the category access has been changed already, the individual operation's access might read Full or Read-only instead of None. Whatever the current assignment, click the text to expose the menu.
5. Repeat step 4 until all of the appropriate operations have been allowed/restricted.
6. Click Save to commit the profile. At any point, click New to clear the screen without saving the current profile and prepare it for a new profile.

Key Considerations

• Create as many security profiles as necessary for the number and type of users that are in your organization. Examples include data entry personnel, reporting personnel, scheduling personnel, and so forth. Keep in mind, however, that if you have users who will require the same profile, it is more efficient to copy one user's security settings to the other users that require it.
• To delete a security profile, highlight the profile you want to delete on the Security Profile Search screen and then click Delete. Administrators can delete a security profile only if it is not currently associated with any user in the system.
• In general you will find that the categories of and individual operation are fairly straightforward. Reporting operations give you the option of Full or None. If a report is marked None, then it will not appear in the Reporting menu. If all of the category is marked None, no reports will show. Nonreporting operations are generally self-explanatory.
• When a category or subcategory is set to Read-Only, the operations that control a users ability to change data are automatically set to None. Operations that govern access to a screen or the ability to look up data will be set to Read-Only.
• Individual operations generally can be set to something other than what the Category access is. For example, if the Appointments Operations category is set to Read-Only, it is still possible to change the permission for the Add Appointment right to Full so that the users assigned to this profile can create appointments. Or, if the Edit Case is set to Ready-Only, the Discharge Case can still be set to Full, which would allow users assigned to this profile the ability to discharge cases. Alternatively, a category can be set to full and then individual operations can be set to None or Read-only.
• Read-only may not always appear as an option for individual operations in that it does not make sense given what the operation is.
• When combinations of Full, Read-Only, and None are used for the operations of a given category, the assigned rights of Mixed will appear in the Assigned Right column for the category.
• The program will display an error message when a user attempts to perform an operation in which they have no “rights.”