Security Policy - Non-Medical Person Certificates

Article author
Greg Pietras
  • Updated

What is the context?


Security Policies govern different aspects of data security in Meddbase. Each policy type (or certificate) governs a set of user permissions.

These permissions determine if or how users will be able to interact with data protected by a given policy or certificate, e.g. Company record protected by a Company Policy; Patient record protected by a Patient Policy.

Many permissions need to be used in conjunction with permissions governed by other certificates e.g. Company Certificate(s).

What is the purpose of the article?


This article provides a detailed description of user permissions governed by the Non-Medical Person Certificate(s).

Permissions


Permission

Description
View Demographic

Allows users to search for non-medical person records and navigate to the Non-Medical Staff Member Details page, browse the record activity, write in the clinician's message feed and view the non-medical person's public profile.

Modify Demographic

Adds users' ability to view and edit the non-medical person's Personal Details, delete the clinician's record and create non-medical person's site sessions in Site Scheduler.

(Please note - Creating sessions requires the Can View Company Sites permission granted on the Company Policy. Furthermore, re-assigning one non-medical person's sessions and/or appointments to another professional requires granting the Can Bulk Re-assign Sessions/Appointments.)

View Documents

Adds users' ability to navigate to the Documents section on the non-medical person's record and interact with individual files. The user can also attach new documents to the record or create new documents from templates.

(Please note - Attaching new documents and viewing and interacting with individual documents also requires permissions on the Document Policy assigned to respective documents e.g.View document- to view document list; Download document- to see document preview, Assign Policy - to add a document to the record etc.)

Modify Documents

Adds users' ability to delete a document from the non-medical person's document record.

(Please note - This also requires granting the Delete Document permission on the relevant Document Policy.) 

View Accounts Adds users' ability to access the Accounts section of the clinician's record page and view invoices, billing items, payments and debt items.(Please note - To view debt, the user needs to be a member of the Debt Chase Admin role group in Admin > User Management.)
Modify Accounts Adds users' ability to add payments, mark invoices as 'sent' in bulk, modify billing items (for un-sent invoices only) and match payments to invoices.
Can View Contacts

Adds users' ability to view the non-medical person's contacts.

Can Modify Contacts Adds users' ability to add, edit or remove the non-medical person's contacts.
Edit Settings

Adds users' ability to access and edit the non-medical person's settings, including but not limited to: default site and location, default start page layout, out of office settings, notification behaviour settings, and more.

(Please note - Every Meddbase user has access to their own settings directly from the upper bar on the Start Page.)

Can Assign Policy

Adds users' ability to assign this policy to a Non-Medical Person's record.

Can Un-assign Policy

Adds users' ability to un-assign this policy on a Non-Medical Person's record.

(Please note - In case of having multiple Non-Medical Person policies in your chamber, changing one policy to another on a non-medical person record requires the user to have Assign/Un-assign Policy permissions granted on both/all non-medical person policies.)

 

Review date


This article was last updated on 2nd December 2024