Security Policy - Medical Person Certificates

Article author
Greg Pietras
  • Updated

What is the context?


Security Policies govern different aspects of data security in Meddbase. Each policy type (or certificate) governs a set of user permissions.

These permissions determine if or how users will be able to interact with data protected by a given policy or certificate, e.g. Company record protected by a Company Policy; Patient record protected by a Patient Policy.

Many permissions need to be used in conjunction with permissions governed by other certificates e.g. Company Certificate(s).

What is the purpose of the article?


This article provides a detailed description of user permissions governed by the Medical Person Certificate(s).

 

Permissions


Permission

Description
View Demographic

Allows users to search for clinician records and navigate to the Doctor Details page, browse the record activity, write in the clinician's message feed and view the clinician's public profile.

Modify Demographic

Adds users' ability to view and edit the clinician's Personal Details, delete the clinician's record and create clinician's site sessions in Site Scheduler.

(Please note - Creating sessions requires the Can View Company Sites permission granted on the Company Policy. Furthermore, re-assigning one clinician's sessions and/or appointments to another professional requires granting the Can Bulk Re-assign Sessions/Appointments.)

View Documents

Adds users' ability to navigate to the Documents section on the clinician's record and interact with individual files. The user can also attach new documents to the record or create new documents from templates.

(Please note - Attaching new documents and viewing and interacting with individual documents also requires permissions on the Document Policy assigned to respective documents e.g. View document - to view document list; Download document - to see document preview, Assign Policy - to add a document to the record etc.)

Modify Documents

Adds users' ability to delete a document from the clinician's document record.

(Please note - This also requires granting the Delete Document permission on the relevant Document Policy.) 

View Accounts

Adds users' ability to access the Accounts section of the clinician's record page and view invoices, billing items, payments and debt items.

(Please note - To view debt, the user needs to be a member of the Debt Chase Admin role group in Admin > User Management.)

Modify Accounts Adds users' ability to add payments, mark invoices as 'sent' in bulk, modify billing items (for un-sent invoices only) and match payments to invoices.
Can View Referrals Adds users' ability to view the referrals made by the clinician.
Can View Contacts

Adds users' ability to view the clinician's contacts.

Can Modify Contacts Adds users' ability to add, edit or remove clinician's contacts.
View Charge-bands and Service Prices

Legacy permission - not used with current charge band system/version.

Modify Charge-bands and Service Prices As above.
Edit Settings

Adds users' ability to access and edit the clinician's settings, including but not limited to: default site and location, default start page layout, out of office settings, notification behaviour settings, and more.

(Please note - Every Meddbase user has access to their own settings directly from the upper bar on the Start Page)

Use Signature

Adds users' ability to capture the clinician's signature with template code e.g. {IssuerProfile.Account.Signature}. When the template code is used in e.g. a document template, the clinician's signature will be automatically extracted from the database and replace the template code in the document generated from the template.

(Please note - The above is based on the assumption that a file with the signature had already been uploaded via the clinician's settings either by themselves from the Start Page or by admin via the clinician's Personal Details page.)

Can Assign Policy

Adds users' ability to assign this policy to a Medical Person's record.

Can Un-assign Policy

Adds users' ability to un-assign this policy on a Medical Person's record.

(Please note - In case of having multiple Medical Person policies in your chamber, changing one policy to another on a medical person record requires the user to have Assign/Un-assign Policy permissions granted on both/all medical person policies).

 

 

Review date


This article was last updated on 1st of July 2021 in the context of Meddbase version 1.245.0.31828