Covered by this topic
With the proper security permissions, adding, editing, and removing users can be easily managed from within the Enterprise Health solution’s Access Control editor. Following is a detailed outline of the processes of managing users, providers, referring physicians, and departments. There are varying types of user access to consider, in addition to methods by which users can be added to the Enterprise Health solution. Therefore, consider the organization’s needs and follow the guided workflows, below, as appropriate.
The Access Control editor provides methods for searching users, editing users/departments, and managing user/department access. Navigating the editor is as simple as using a basic search, clicking intuitive links, and filling text fields.
At the top of the Access Control default landing page are navigation links and a Search field with filters. Below, a table list of built departments are displayed, alphabetically.
Above the Search field and filters are two navigation links:
View Departments: This link navigates to the default landing page–the Departments view.
- Departments are listed alphabetically, with options to edit or delete, by default.
- This page can be returned to at any point during the user/department editing by simply clicking the View Departments link.
- Additional links are available, at the top of the table, which allow filtering to Show User Counts (displays the number of users within each department) and to Show Inactive (lists all inactive departments).
View User Access: This link navigates to the User Access view.
- This page displays all usernames, their security exceptions and statuses, as well as their associated security roles.
- Options are available to review previous revisions to security exceptions and by whom they were made.
- A Show CSV link is available to download a CSV of the user list.
In the upper-right corner of the Access Control default landing page are three additional links:
- Add Department: Clicking this link provides the workspace to add a new department. See the How to Create a Department section for additional information.
- Add User: Using this link will provide the New User form and workspace to create a new user. See the How to Add a User/Provider section for further details.
- Quick Add Users: If multiple providers, physicians, or users need added, clicking this link will provide the workspace to effectively add several users, at once. See the How to Add Multiple Active Users section for more instructions on this functionality.
Search in the Access Control editor is a simple, yet powerful tool. Combined with the navigation links available with each page view (Departments and User Access), the search provides a means to maintain standardized users for efficient onboarding processes.
Criteria: A filter to limit searches by Exact wording, or by a result that Begins With the specified text.
Search: A free-form text box that allows a single line of text to be searched against all users and departments in the database.
By: A dropdown filter used to limit the specified search text against an element of the user profile. Available options are:
- User PIN
- User ID
Show: This field allows the results to be filtered by Active, Inactive, and/or Deleted status.
Go: Once filters and text have been entered, click this button to search the database.
To begin adding users, the TL;DR simply requires the privileged user to:
- Navigate to the Control Panel from the sidebar menu.
- Click the Access Control tab.
- Verify the user is unique and is not going to be a duplication.
- Click the Add User link in the upper-right corner. (To add multiple, active users en masse, refer to the Quick Add section.)
- Fill in all necessary and relevant fields.
- Click the Submit Insert button.
However, when adding a user, filling out all the fields is not the only important consideration; avoiding duplicates and understanding what each field represents and its relevance to the user role and creation process are equally important.
Best practices warrant a two-fold process for adding users to the Enterprise Health solution:
- Verify the user is unique, not already built, and the username and profile are not being duplicated.
- Add the user to the system.
Before any new user is created or added to the system, perform a search to confirm that the individual has not been added, previously.
- Navigate to the Control Panel from the sidebar menu.
- Click the Access Control tab.
- Enter search criteria for the new user.
- Click the Go button.
- Review the results, ensuring none of the matches correspond to the new user.
If no results match, continue adding the new user to the Enterprise Health solution.
Creating new users within the Enterprise Health solution can be executed and maintained from the Access Control editor:
- Click the Add User link in the upper-right corner.
- When adding users, consider their role, and fill all fields as thoroughly as possible. Fields marked with a red asterisk are required. All fields available are as follows:
This is the user login credential. Common conventions for usernames tend to be lowercase characters, first initial with last name, and no spaces.
The Alias field offers an alternative to a user’s Full Name being used for any Authored By fields within the Enterprise Health solution. Text in this field will show in the Authored By field of all documents (i.e., that are created, uploaded, printed, faxed, etc.). Authored By fields pull the Alias first; however, if nothing is entered in the Alias field, the Full Name will be pulled for authoring purposes.
Primary Dept Using the dropdown, choose the Primary Department the user will be associated with. If the appropriate Department is not listed, create a New Department. Organization Type the name of the facility, practice, or company, as appropriate. Current Status When adding new users, this field defaults to Active. Choices are Active, Login Disabled, or Deleted.
Security Role A Security Role must be selected, otherwise an error will populate at the top of the page upon submission. This field dictates the level of access a user is permitted. The default message is WARNING: No Security Role for User!. Use the dropdown to select the appropriate Security Role for the user in context. Def. User Role Default User Role. The default message is WARNING: No Default User Role for User!. If this field is skipped, the system automatically defaults and saves the role as User-Limited Access.
Electronic Prescriber These fields are intended for physicians or users legally allowed to prescribe medications. Refer to E-Prescribe Management before making any selections. Meaningful Use This field notes the Meaningful Use status of the user. Upon adding a new user, this field will show the status as Inactive. To opt-in for Meaningful Use reporting and incentives from CMS, refer to the Meaningful Use Documentation. Title Honorifics or preferred titles (e.g., Mr., Ms., Mrs., Dr., etc.) may be entered in this field. This is an optional field. First Name Enter the user’s full legal first name. This is a required field, therefore a new user cannot be created without an entry. Middle Name Enter the user’s full middle name or initial. Last Name Enter the user’s full legal last name. This is a required field, therefore a new user cannot be created without an entry. Suffix If the user has a suffix (e.g., Jr., Sr., IV, etc.), this field must be used. Do not place suffixes in the Last Name field. Degree This field is reserved for degree titles (e.g., MD, NP, FACS, RN, LLM, MSc, etc.). Address1 The main element of the address for the location (i.e., street address, P.O. Box, company name, or c/o). Address2 The secondary element of the location address (e.g., suite, unit, building, floor, etc.). City The full city name of the location. State/Province A dropdown of possible states/provinces of locations. A system setting is available to allow international options versus US-only locations. Country Field defaults to United States; however, other countries are available for selection. Postal Code Enter the full postal code for the specified location. A system setting is available to accommodate international postal codes, leaving entries as they are entered, without auto-formatting. Preferred Route This field records the default method the user prefers to send information, as it relates to the the Enterprise Health solution’s DataSend functionality. DataSend allows the communication between systems and/or clients.
Route Comments This is a text field used as a comment, or note, about why the specific Preferred Route was chosen. Work Number Enter the full work number, including any international access code, country calling code, area code, or exit code.
Pager Number Enter the full pager number. Phone Number Enter the full phone number, including any international access code, country calling code, area code, or exit code. Cell Number Enter the full mobile number, including any international access code, country calling code, area code, or exit code. Cell Number Carrier Select the appropriate cell phone service provider from the dropdown. Fax Number Enter full fax number, including any international access code, country calling code, area code, or exit code. E-Mail Enter the user’s E-Mail address. An entry in this field allows for tasking and/or e-signing requests to be sent as E-Mail notifications, if the corresponding preference is set in My Settings. Preferred Alert Method The preferred method of receiving alerts. Select either Email or Text Message. PIN
Enterprise Health will provide a PIN for any physician using phone dictation. Universal ID Intended for the Unique Physician Identification Number (UPIN), an identifier used by Medicare to identify clinicians. Do not use for the National Provider Identifier (NPI). DEA Number Enter the user’s 9-character DEA Registration number. National Provider Id (NPI) Enter the user’s 10-character NPI number. License Number Enter the user’s State License number. Tax Identification Number This field is reserved for a Tax Identification Number (TIN), provided for tax purposes, by either the Social Security Administration or Internal Revenue Service. Password Expire Date For new users, set this date to Today by clicking the clock icon. This will cause the new user to be prompted upon login to create a unique password. Otherwise, passwords expire every 30 days from the date of last change/reset, and the user will be prompted to change their password upon login.
Login Expire Date This field is intended for organizations using temporary user logins for users needing access to the Enterprise Health solution for a limited amount of time. A Login Expire Date can be set, which will automatically (on the specified date) expire the user’s login credentials. Password For new users, enter a generic password. You must give this password to the new user, so they can perform their initial login. As long as the Password Expire Date is set to Today, the user will be prompted to change the password upon login. Any active users must have a password to access the system. Review the Password documentation for more specific information regarding password configurations, restrictions, and expirations.
Verify Password Re-enter and confirm the password. Your New PIN Vericode This field is for a PIN used in practices that have their E-Orders module locked. A PIN is required to create orders for patients. Enter a PIN. Verify New PIN Vericode Re-enter and confirm your PIN. Security Question Type a question the user wishes to refer to if he/she needs access to their profile or their password reset. This is used to verify the individual’s identify. Security Answer Type the answer to the Security Question that the user must provide to verify authority to access/change personal settings.
- Place a checkmark in each box that corresponds to a department the user is expected to be associated with, if more than one, and be sure to include the department listed in the Primary Department field, above.
- When completed, click the Submit Insert button.
To view or edit a user, navigate to the Access Control manager tab:
- Search for the user needing reviewed or modified, (See the Search section for a review of how to utilize the Access Control search feature.) and click on the hyperlinked username to load the View User page.
- To modify, click the Edit User link, found in the upper-right of the page.
If editing the user’s Security Role, review the Security Role documentation.
Customize User Security and Edit Patients Linked to User Depending on security permissions, when navigating the Edit User page, two links will be available in the upper-right of the page:
- Customize User Security
- Edit Patients Linked to User
Customize User Security is used to change security options and role permissions for the user in context, only. Modifying a user’s Security Role, here, will not impact the Security Role, as it is used by the organization. Review the Security Role Documentation, for further instructions on this feature and its uses. Edit Patients Linked to User is most often used with regard to Portal management and use. For further instructions on how to use this feature, review the Linking Users portal documentation .
- After all modifications have been made, click Submit Edit at the bottom of the page.
Delete User To disable/inactivate or delete a user, navigate to the Access Control manager tab:
- Search for the user needing reviewed or modified. (See the Search section for a review of how to utilize the Access Control search feature.)
- To delete the user, simply click Delete from the Options column, or the Delete User link found on the View User page.
- When a user is deleted, a warning displays, confirming deletion. Click Yes to confirm and complete.
Creating a provider or physician follows the same steps as adding a user; however, if the provider/physician intends to prescribe medication, review the required fields and necessary information for SureScripts verification in the E-Prescribe Management documentation, or the Set Up E-Prescriber section, specifically. Add a Referring Physician User Just as if adding a user or provider, adding a referring physician requires the same two-step process:
- Verify the user is a not already built in the system.
- Add referring physician.
After searching, if the referring physician is not in the system, continue with adding as many as are needed by repeating the following:
Navigate to the Control Panel on the left sidebar menu.
Click the Access Control tab.
Click the Add User link.
When adding a Referring Physician, ensure all of the fields, below, are addressed:
- Primary Dept: Must select the referring physician’s primary department (otherwise, select Referring Physicians).
- Current Status: Select Login Disabled.
- Def. User Role: This field must be set to Referring Physician, because many components of the system know which entities are referring physicians, based on this field. If this field is skipped, the system automatically defaults and saves the role as User-Limited Access.
- First Name: Enter the referring physician’s full legal first name.
- Last Name: Enter the referring physician’s full legal last name.
- Degree: This field is reserved for degree titles (e.g., MD, NP, FACS, RN, LLM, MSc, etc.).
- Address1: The main element of the address for the location (i.e., street address, P.O. Box, company name, or c/o).
- Address2: The secondary element of the location address (e.g., suite, unit, building, floor, etc.).
- City: The full city name of the referring physician’s location.
- State: A dropdown of possible states/provinces of locations. A system setting is available to allow international options versus US-only locations.
- Postal Code: Enter the full postal code for the specified location. A system setting is available to accommodate international postal codes, leaving entries as they are entered, without auto-formatting.
- Preferred Route: If the office uses encounters and faxes documents to referring physicians, select Fax from the dropdown. If the office uses Direct Messaging to send direct email messages (as part of an EHR Incentive Program) select Direct Email from the dropdown.
- Work Number: Enter the full work number, including any international access code, country calling code, area code, or exit code.
- Fax Number: This field is required if encounters are used and documents are faxed to referring physicians. Enter full fax number, including any international access code, country calling code, area code, or exit code.
- Email: If the Preferred Route is set to Direct Email, enter the referring physician’s Direct email address in this field. Otherwise, the Preferred Route is set to Fax, and the referring physician’s general email address can be entered in this field.
- Scroll to the bottom and select all of the departments associated with the referring physician, including Referring Physicians.
- When completed, click the Submit Insert bottom.
Upon submission, a confirmation of a successful addition will appear at the top of the screen; otherwise, an error will prompt what field(s) to update/correct. You can quickly tag multiple users (in mass) to a specific department by going to “View Department” and using the listedit & autocomplete feature there. See help documentation titled Adding A Department.pdf for more information.
There are several available departments included with the base product, that assist users in differentiating responsibilities and users, based on role. The following will address how to add/edit a department, delete or reactivate a department, how to view departments, and how to link users to multiple departments.
Adding a Department Adding a department is a quick, simple process. From the Access Control tab:
- Click the Add Department link.
- Type in the full name of the department needing to be created.
- Select the viewable department(s). Choose any or all departments that are expected to be viewable from the users of the new department. To provide access to the new department, select the Give users in this department access to see other users in this department option.
- If there is a need to add specific Users in New Department, begin typing the last name in the autocomplete field, select the user, and click the Add button.
- Once completed, click the Submit Dept. button.
Editing a Department If a previously added department needs to be edited, perhaps to have additional entities associated with it, simply navigate to the Access Control tab:
- Click the Edit link in the Options column, of the Department needing updated.
- Perform all necessary edits (see the Adding a Department section for information on the available options).
- Upon completion, click the Submit Dept. button.
Deleting an unnecessary department, or reactivating an old department, or department deleted by mistake, is an effortless process. From the Access Control tab: Delete a Department
- Locate the department that needs deleted.
- Click the Delete link in the Options column.
- A Delete Department confirmation will load.
- Click the Delete button to inactivate, or Cancel to return to the Departments view.
Reactivate a Department
- Locate the department that needs reactivated by clicking the Show Inactive link.
- Once found, click the Activate link.
- The department will be immediately reactivated.
In order to add several new, active users/providers, a quick-add feature has been made available to users with the appropriate security permissions. This screen is not used to manage existing users. Users cannot be edited, deleted or deactivated from the Quick Add Users page. This page is designed for quickly adding multiple users, for quick access into the Enterprise Health system.
To quickly add multiple, new users, navigate to the Access Control manager tab:
Click the Quick Add Users link, in the upper-right corner of the page.
The Add Users page will load.
Using either the Add Physicians or the Add Users (Non-Physicians) sections, supply:
- First Name: Enter the referring physician’s full legal first name.
- Last Name: Enter the referring physician’s full legal last name.
- User Role/Department: This is the Default User Role (of the physician) or the Primary Department (of the non-physician). Choose from the provided dropdown.
- Security Role: This field dictates the level of access a user is permitted. Use the dropdown to select the appropriate Security Role for the user in context.
- Username: Enter a unique username.
- Password: Enter a password.
When adding users in either section, click the Add button to store that user for submission. Click the minus (-) button, if a user needs to be removed or an error was made.
Continue adding users, as needed.
When all users have been added, click either Submit button.
Upon confirmation of the successful submission, users are immediately able to log in. Upon initial login, users will be prompted to create a unique password. Any errors with creating users will be noted with a message explaining what failed or needs addressed. Review and resubmit, if necessary.
Aside from the standard Add/Edit User and Delete User functionality, the Access Control manager tab has options for reviewing user access. From the View User page, there are links provided to allow superusers to:
- View Audit Log
- View Lock Records by User
- View User Revisions
With the appropriate security role or permissions, the View Audit Log link will appear in the upper-right of the View User page. Clicking this will reveal a means to search and view the charts the user has viewed/edited.
Navigate to the Access Control manager tab, and search for the user needing audited:
After the search (See the Search section for a review of how to utilize the Access Control search feature.), click on the hyperlinked username to load the View User page.
When the View User page loads, click the View Audit Log link.
The Audit Log Search Criteria page will open in a new tab.
Narrow the audit search using the provided fields:
- Date: This is a required field. Use the Now, Clear, or Calendar icons, as needed.
- Patient: This is an autocomplete field that helps limit an audit log to a specified chart. Use the Help Bubble for assistance on how to search various types of charts.
- Reference ID: Enter a specific Reference ID to be searched against the user’s activity.
- Event Type: The type of events to be searched can be selected individually, or in multiples.
- Event Action: This is the event that occurred (e.g., Stream, View, Edit, Add, etc.).
- Event Description: A description of the specific aspects of the event; usually contains the document type description.
- Outcome: Whether the event was a Success, Failure, or All.
Once the preferred filters are entered, click the Search button. The results are specific to the user in context.
For further details, click the View Click Logs link in the Activity Details column and view the exact activity of the user.
Searching can be continued by modifying the search fields, or by clicking the Clear All button, to begin another search. Otherwise, to exit the Audit Log Search, click the Close Window link in the upper-right of the Audit Log screen.
With the appropriate security role permission, clicking the View Lock Records by User link from the View User page, a listing of all current record locks on documents for the user in context will be provided.
With the appropriate security role permission, when looking at the user summary from the View User page, the View User Revisionslink will be available in the upper-right of the page. Clicking this will provide a view of sections and fields with associated revision dates, if any.