Managing User Permissions
RTasks has fine-grained controls that allow administrators to set exactly what each staff member can view, add to or change. Users with appropriate permissions can manage the access levels of other users - allowing precise control of what each of your users can see and do within the system.
In RTasks.net, you can view a user's permissions under the People > Staff section, by opening an individual user's Staff Profile. User's permissions are broken down across a few sections: Provider Type, Login & Access, Resident Data Access, Staff Data Access, Other Roles.
|Each user must have a 'Provider Type' - the list of provider types can be customized per client and may be different than shown here. A user's Provider Type determines what services they are / are not able to see or e-chart, what charting restrictions may be in place for the user (how far back / ahead of time they can e-chart services or medication passes), and which reports the user will have access to.|
Login & Access
|The Login & Access section will allow you to specify if a user can login to RTasks.net, if they are restricted from the physical locations they can log into RTasks.net from, and which campuses they can access (if you have more than one campus).|
||If you have more than one location (or "Campus"), you can grant users the ability to access one Campus only, multiple Campuses, or all Campuses as you see fit.
Users with the 'Supervisor' role will automatically have access to all Campuses.
Resident Data Access
|In the Resident Data Access screen, we can specify what types of resident data a user can view and edit. We can also specify if a user only has access to certain residents within a campus; this feature is typically used to grant access to third party care providers like hospice staff, pharmacy techs, rounding doctors, or others who only should have access to health care information for certain individuals.|
Staff Data Access
|In the Staff Data Access screen, we can specify what types of Staff data a user can view (for other staff members).|
|Additional permissions can be granted in the 'Other Roles' section.|
Keep in mind when granting Staff Roles
Role changes are logged for security
Whenever roles are added or removed (granted or revoked), a record of this action is created. The history for a single user's role changes can be accessed via reporting by authorized users.
It is a good security practice to limit a user's permissions to the bare minimum needed to do their job. You can always add more permissions later.
Limit access to powerful roles
The following roles control sensitive capabilities and settings and should only be granted to people who have specific responsibility and training:
- Staff Roles - This role allows a user to expand the permissions of other users
- Supervisor - This a very powerful role that enables users to change significant settings in the system.
If you have more than one location, Supervisor users can view them all and change global settings that affect them all.
- Users with both Staff Roles and Supervisor permissions may edit their own permissions, and may grant the Supervisor permission to other uses.
Review User Security
At any time, administrative users can conduct a review of security settings by reviewing a number of reports created for this purpose. To conduct a review, go to the Reports screen, select the Category "Staff Roles - Security" - you will then have a library of reports you can run to analyze your security settings and access of your users.