Role Access are a critical part of the over all Access Control mechanism.
A number of roles like Doctors, Reception, Nursing Assistant, Back Office,
Transcription, Admin, Patient can be defined in the application.
For each type or role, following access checks can be configured:
- No Access Rights: If this checkbox is checked, then the role is shown in the
Roles (No Access Rights) section of the User Role screen.
- Include in Mailing List:
Messages from PrognoCIS can be sent to a Role defined in PrognoCIS by selecting Roles radio button in the To
field the Message → Compose screen. When the user creates a
message, selects the Roles radio button and then clicks on the Role Search, then all the roles that have
Include in Mailing List checkbox checked can be seen in the Role Search popup. The user can select the role and send a message.
- Include in PP Mailing List: When the property pp.message.sendto.doctor =
R - Only to the selected Role,
then the To dropdown on the Compose screen of Patient Portal lists all such roles which will have the
Include in PP Mailing List checkbox checked. When a message is sent from Patient Portal by selecting the
specific Role in the To dropdown list, it is sent to ONLY those users who have the selected Role assigned.
In case of Multi-location clinic setup, the message is sent to ONLY those users who have the selected Role assigned and belonging to
the selected Location.
- Assign To: This checkbox is available only when Billing is turned On.
When this checkbox is checked for a role and that role is assigned to a user in the User Role screen, then this user can be
selected from the popup invoked by clicking the Assign To hand icon on multiple screens in the Billing side.
For all the roles that are system roles, an indicator System-Role Cannot Delete is shown in red on the top right of the screen.
Following are the possible Access types for each Menu option in the application. A menu option say Settings \
Masters \ Doctors can have one or more of these possible access types:
| R |
Read. If the record cannot be read, nor is any other operation
allowed. |
| C |
Create a New Record. |
| U |
Update a modified record. |
| D |
Delete an existing record. |
| A |
Approve a record (transaction). |
It is obvious that in the above example Approve is not applicable, so there will be no check box under the A column. If the Role does not have R access the user having that Role assigned to him will not be able to select the Doctors option from the menu when he runs the application.
System Roles
When the software is installed and database created the following Roles are created by default:
- Doctor
- Nurse
- Staff
- RefDoc
- Patient
- Lab
- Rad
- Pharmacy
- Sysgrp
- Nonsysgrp
- Admin
These are the System Roles and cannot be deleted. The User may change the names. When ever a new record for a Doctor, Patient is created and he is to be assigned a User Id and Password (depending on settings in profile), he is also assigned a default role from the above list.
Access Control
Each User has a default role assigned to him (as explained above). The Admin / Super User / authorized person can assign any number of roles to each User.
Let us assume the Role X defines that a Doctors record has access rights
RCU i.e. can be Read, Created and Updated (not deleted). Role Y defines
that a Doctors record has access rights RUD i.e. can be Read, Updated and
Deleted (not created). If both roles X and Y are assigned to a User, he
will get the Best of Both i.e.. He gets RCUD Read, Create, Update, Delete
Access rights. In other words if Access is available in any one of the assigned
roles, the user will get it.
Note that the User himself need not be aware of all roles assigned to him. If the Admin adds / removes more roles assigned to a user, he will automatically get more/less menu options accessible to him using his own user id and password.
save: Click to
save the Role.
save as:
Click to save the defined Access rights with a different Role name.
delete: Click to delete
the Role.
reset: Click to reset
the Role to the previously saved values.
|