Creating Security Roles

Security roles determine whether the user can: 

  • Access an application feature.

  • Only view information.

  • Add, change and delete information.

To maintain your organization's security requirements, you can create custom roles, providing or limiting users' access to features. To manage users' access across your organization, create roles based on the positions in your organization.

To create a new role, you must select the module. If the role requires access to more than 1 module, select Multiple, and all the modules appear.

  1. You can select the modules where access is required, one at a time. For each option in the module, select the appropriate access level.

  2. Select the next module and select option access levels.

  3. Continue selecting modules and selecting option access until you complete all the modules required in the role.

    Note

    If you select Module, All, only the options accessible from all modules appear. You can also select access levels for options in All from any other module.

To set the access level for application features, the security options have either Yes or No access, or levels of access: 

  • Yes - allows full access.

  • No - restricts access.

  • None - user does not have a link or button to access the feature or option.

  • Read - user can see but not edit information.

  • Read/Add - user can see and add records. 

  • Read/Add/Edit - user can see and add records and change information.

  • Read/Add/Edit/Delete - user can seeand add records, and change and delete information.

Access to some features depends on access to another feature.  

Security options are organized in groups corresponding to the features or areas in the application. 2 methods are available to select option settings:

  • Individually select a setting for each child option, the same as before.

  • Bulk update all the options within a group using Group Quick-Set. The settings available in Group Quick-Set are relative to the child option settings in the group. For example:

    1. The options in a group have a mix of Yes/No (Y/N) and Read/Add/Edit/Delete (R/A/E/D) settings. You can select 1 Y/N setting and 1 R/A/E/D setting.

    2. You select Y, and R/A/E. All the options in the group with Y/N settings are set to Y. All the options with R/A/E/D settings are set to R/A/E.

Tip

  • To search for an option press Ctrl+f on your keyboard.

  • If a few options require a different setting than most of the options in the group, use Group Quick-Set to select the same setting for all options. Then, change the setting for the few options requiring a different setting.

Important

You must have the Admin Security Role (System) or a role with equivalent access to create a new role or change existing custom roles.

You must have Management Console access to edit roles with corporate scope. 

To ensure you give users appropriate access, before assigning role(s) to users, it is recommended you test role(s) you create.  

To give a user access, after you create the role, you must assign the role to the user. You can assign system roles to users. You can't edit system roles. 

To give a user access to Management Console, you must assign a role having the Management Console Module. 

For information on setting up security access for external providers, see Care Provider Access Only (CPAO) and Restricting Security Roles Quick Reference Guide.2.0_QRG_Security_Care_Provider_Access_Only_(CPAO)_and_Restricting_Security_Roles

Some integrated features include Single Sign On (SSO) access from Home Care to the vendor's platform. For example, Pro-Tracking and Integrated Claims Management. To provide SSO access, you must create the appropriate SSO security role and assign the role to appropriate users. 

    • Single agency: Billing > Setup > Security Roles.

    • Multi-agency: Management Console > Standards > Financial Management > Security Roles.

  1. To add access for another module, click the module name.

  2. To assign users to the role, click users.

    1. Select the users.