What is the context?
Security Policies govern different aspects of data security in Meddbase. Each policy type (or certificate) governs a set of user permissions.
These permissions determine if or how users will be able to interact with data protected by a given policy or certificate, e.g. Company record protected by a Company Policy; Patient record protected by a Patient Policy.
Many permissions need to be used in conjunction with permissions governed by other certificates e.g. Patient Certificate(s).
What is the purpose of the article?
This article provides a detailed description of user permissions governed by the Company Certificate(s).
The chamber company's record (the clinic) is also governed/protected by a Company Certificate and many of the permissions described below determine users' access to functionality in Meddbase, as the chamber company owns the chamber.
Permissions
Permission | Description |
---|---|
View Company Summary Record |
Allows users to view the Start Page including Tiles, Notifications, Email, Work items, People online. Users can search for Company records, without viewing details or modifying them. They can communicate with colleagues. (Please note! Access to demographic records and other functionality is governed by other permissions). |
Modify Company Summary Record | Adds to the above user's ability to view Company's details page. |
View Company Documents |
Adds users' ability to access Company's document section. (Please note! Viewing documents is governed by the Document Policy: Permissions>View document). |
Modify Company Documents |
Adds users' ability to upload, delete or change information for documents on the company record. (Please note! this also requires granting permissions governed by the Document Policy: Permissions>Assign policy (for uploading), Download, Modify, Delete, Restore etc.) |
View Company Charge-bands and Service Prices | Adds users' ability to view the charge bands and service prices for all companies in Admin > Billing Rules. |
Modify Company Charge-bands and Service Prices | Adds users' ability to create, change or delete charge-bands and billing rules in Admin>Billing Rules. |
View Company Accounts | Adds users' ability to view the accounts section of companies. Lists of invoices, billing items, payments etc. can be viewed, but not individual items. |
Modify Company Accounts |
Adds users' ability to add, remove or modify individual items in the company accounts. (Please note! Some items e.g. patient invoices, employer invoices, will require granting additional permissions on the Patient Policy: Permissions > View patient demographic and Medical Person Policy: Permissions > View demographic). |
View Company Referrals | Adds users' ability to view referrals made to and from a company. |
Modify Company Referrals |
Adds users' ability to add, remove or modify items in the company referrals page. (Please note! Viewing the referral letter here requires granting a permission on Patient Policy: Permissions > View patient medical record). |
Can Make Company Into Chamber | Adds users' ability to create new chambers from companies. |
Modify Company Security Policy |
Adds users' ability to modify this Company Certificate incl. adding permitted users or groups, modifying permissions, changing certificate owners. (Please note! This also requires granting the 'System Administrator' permission governed by the Company Policy. 'System Administrator' permission gives access to Admin > Security Policy section. |
Add User | Adds users' ability to access to Admin > User Management and allows users to create other users. |
Assign User licence | Adds users' ability to assign licences to user accounts. |
Remove User licence | Adds users' ability to remove licences assigned to accounts. |
Add Role | Adds users' ability to create new roles. |
Remove Role | Adds users' ability to remove roles. |
Modify Role | Adds users' ability to rename roles and add/remove role group members. |
Create Patient Record |
Adds users' ability to create new patient records. (Please note! To assign a security policy to a patient record requires granting a permission on the Patient Policy: Permissions > Assign Policy). |
Create Company Record |
Adds users' ability to create new company records. (Please note! To assign a security policy to a company requires granting another permission on the Company Policy: Permissions > Assign Policy). |
Create Medical Person Record |
Adds users' ability to create new clinician records. (Please note! To assign a security policy to a medical person record requires a granting permission on the Medical Person Policy: Permissions > Assign Policy) |
Create Non-Medical Person Record |
Adds users' ability to create new non-medical staff records. (Please note! To assign a security policy to a company requires granting another permission on the Non-Medical Person Policy: Permissions>Assign Policy) |
Create and Modify Document Template |
Adds users' ability to create and modify new document templates. (Please note! This needs to be used in tandem with a permission on the Document Policy: Permissions > Can assign policy). |
Delete Document Template |
Adds users' ability to delete document templates. (Please note! This needs to be used in tandem with a permission on the Document Policy: Permissions>Delete document). |
Create and Modify Document Type |
Adds users' ability to modify (create, update or delete) a new document type. (Please note! Creating a new document type also requires granting the permission on the Document Policy: Permissions > Can assign policy). |
View Reports Server |
Adds users' ability to access the Reports tile, view and run system reports. (Please note! Users will only be able to view report results that they are permitted to see e.g. Patient Certificate: Permissions > View Patient Demographic) |
Create a Task |
Adds users' ability to create new tasks. |
System Administrator |
Grants access to all tiles under Start Page > Admin. (Please note! Other permissions on other policies may be required for some Admin functions e.g. Company Policy: Permissions > Viewing and Modifying Services) |
Can View Company Sites |
Adds users' ability to view the sites of your clinic in Admin > Common Catalogues > Sites. (Please note! Access to Common Catalogues requires granting the 'System Administrator' or 'Can Modify Common Catalogues' permission) |
Can Modify Company Sites |
Adds users' ability to change the name and delete your clinic’s sites in Admin > Common Catalogues > Sites. (Please note! This also requires granting the 'System Administrator' or 'Can Modify Common Catalogues' permission). |
Mass Mail Patients |
Adds users' ability to access the Mail Merges Server and allows users to send out mass emails to patients, companies or medical staff. |
Can Take Control of Chamber |
Adds users' ability to take control of chambers within your system (for systems with more than one chamber). |
Can View Contacts |
Adds users' ability to view companies' contact lists. |
Can Modify Contacts |
Adds users' ability to create and change the details of companies' contacts. |
Can View Services |
Adds users' ability to see and use the services created in your system. |
Can Modify Services |
Adds users' ability to change the service details such as name, default duration etc. |
Can Raise Fee Invoices |
Adds users' ability to raise invoices to patients and companies. |
Can Bulk Re-assign Sessions/Appointments |
Adds users' ability to to Re-assign Sessions/Appointments. (via Start Page > Doctor Details > Site Scheduler > Re-assign). |
Can Bulk Cancel Appointments |
Adds users' ability to to Cancel Appointments in bulk. (via Start Page > Doctor Details > Site Scheduler > Re-assign). |
Can Bulk Remove Sessions |
Adds users' ability to Remove Sessions in bulk. (via Start Page > Doctor Details > Site Scheduler > Re-assign). |
Can Book Appointment On Behalf Of Company |
Adds users' ability to Book Appointment On Behalf Of Company e.g. on behalf of an Employer in Occupational Health. |
Can Modify Common Catalogues |
Adds users' ability to view and modify Common Catalogues in Admin>Common Catalogues. (Please note! If a user already has the 'System Administrator' permission granted, this permission becomes obsolete) |
Can Use Postcode Lookup |
Adds users' ability to search for address using the postal code when adding a record for a Company, Patient, Medical and Non-Medical Person. |
Can Share Meta Data Fields with Patient |
Adds users' ability to share numerical data captured in 'Meta fields' e.g. BP, BMI, Weight, Height etc. with the patient vie the Patient Portal. (Please note! When this permission is granted the user can navigate to Admin > Patient Data Fields, select a visible field, check the 'Shared with Patient' box and 'Save'). |
Can Manage Contract |
Adds users' ability to access the Contract Management tile (via Admin > Contract management) and view current breakdown of Full and/or Concurrent licences, add or cancel licences and view licence history. |
Can Modify Invoice Line Items |
Adds users' ability to edit billing items on an un-sent invoice e.g. re-assign to another invoice, change date, attendees etc. (Please note! Depending on the invoice debtor e.g. patient, medical person, a permission to 'Modify Accounts' on the respective certificate needs to be granted e.g. Patient Certificate: Permissions>Modify Patient Accounts). |
Can View Absences |
Adds users' ability to view the patient's absences. (Please note! This permission relates to the Absence Management chargeable feature used is Occupational Health) |
Can Modify Absences |
Adds users' ability to edit a patient's absence incl. status, reason, absence dates etc. |
Can Assign Policy |
Adds users' ability to assign this policy to a company record. |
Can Un-assign Policy |
Adds users' ability to un-assign this policy on a company record. (Please note! In case of having multiple Company Policies in your chamber, changing one policy to another on a company record requires the user to have Assign/Un-assign Policy permissions granted on both/all company policies). |
Review date
This article was last updated on 4th of June 2021 in the context of Meddbase version 1.244.0.30956