Security Group Concept
Security groups allows user accounts to be grouped into customized groups having specific security rights, saving you the trouble of editing each user individually.
By default, users have no rights to access anything in Filopto. For a user to be able to use Filopto, the administrator must give them permission to access the different features and functions available in Filopto. To make it easier to manage the user rights to features / functions, Filopto uses the "User Group" concept. The security administrator needs to :
1) review the various security groups they wish to use for acceptability,
2) define any group or groups of specific features / functions that is required ,
3) assign users to the particular security group to access the selected features and functions defined.
A user is assigned in their employee profile or in the security group access rights screen, access to the group(s) required to give them access to the features and functions they require. When selecting which security group(s) to give to the user, be wary not to give them access to a group containing a feature he/she should not have access.
"Security group rules are always permissive; you can’t create rules that deny access."
The more common security group configuration have already been created for you. You can however create your own to meet any special or unique requirements.
For ease of use we have regrouped the various security groups access into roles for guidance of which access to provide to an employee. Each role provides various options that can be provided to a user such as Read (able to view) or Read Write (able to view and modify) an item. The system administrator is responsible to assign the proper access rights to each employee.
The guidance roles defined (you can create your own roles) are as follows:
IMPORTANT:
It is common for a user to have more than one security group assigned from each of the role categories listed depending on how your organization is structured.
You can print the security groups by using the Print List button.
|
•Administrator - Represent duties normally the responsibility of senior office administrators
•EMR - refers to access to a patient exam records - Normally restricted to the providers and their assistant
•Financial - access to tools that can have a financial impact on the organization. (normally restricted to accounting or senior staff0
•Security - items that control the system overall functions and access rights - should be restricted to key system/security administrators
•Supervisor - Items that are required for normal daily operations but restricted to key individuals to insure system integrity.
•User - Items available or required by users in their normal activities.
