com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'html' is unknown.

Security and Users

Owned by sarah.whiteacre (Unlicensed)
Last updated: Mar 10, 2021 by Richard Harris
14 min read

When a new user is added to the system they must be assigned to a Security Group. This action sets their level of access, dictates what privileges they are accorded and what functions they will be able to perform within the system.

Security in the application has two default Security Groups pre-configured. These must be modified as part of the initial setup:

Recep (Receptionist)

Dentist (Non –Admin)

See also: Editing Security Settings



Adding or Editing Security Group Settings

From the Configure > Security screen a user with Administrator or Superuser permissions can set security rights for areas of the software.

A Provider's Security Group configuration can be edited by means of the Wizard at File > Providers up until midnight of the day on which that Provider is created



To add or edit Security Group settings

  1. Log in as a user with sufficient Administrator privileges to be able to configure Security settings.

  2. Select Configure> Security as shown below:

     

    The Security Group File displays:

     



The Security Group File window has the following functions and controls:



Sort by Code

Click the up and Down arrows to move through the file one Security Group at a time.

Display a list of existing Security Groups.

Add a new Security Group.

Save any changes that have been made to the current window.

If this button is black, it indicates that changes have been made that require saving.

If this button is gray, it indicates that the record has no changes to be saved.

Print the Security List report for all Security Groups showing the active/inactive settings for each.

Delete the currently selected Security Group.

Description

For the Security Group.

Can Create Groups

(Replaces the former [ ] Add User checkbox. It is only accessible by Administrators and Superusers.)

This button is enabled when the currently selected Group can Add User / Provider.

It relates to practitioners creating or editing other practitioners by means of the Wizard - the options configured by this button apply when assigning a Security Group in the People-Security page of the Wizard:

 

Click [Can Create Groups] to open a Configure Security Group List window (as shown in the image above), where you can enable members of the currently chosen Group to create members of Groups when they use the Wizard.

Members

Displays the users belonging to the selected Security Group.

Security Tree

[ ] ---

[ ] ---

EXACT security options are grouped in a tree format that follows the Menu structure of the application.

Groups or users have access to the checked (ticked) items.

For example, to stop a Security Group from accessing options in a main category, un-check the high-level box (such as Transactions or Reports) for those options.

NOTE: By default, the View as HTML format option for email is turned off for all users apart from those with "super user" security privileges. This is because in some cases (if your anti-virus software is not configured or not adequate to screen email messages) it can be a potential security vulnerability.

Copy Security button

This is a means to copy the security settings from another Security Group to the currently displayed Security Group.

(An alternative to manually checking the boxes)

Use the Copy Security button to copy the settings from a selected group to the new group:

 

...and then check or uncheck any security options that will differ.

All Off button

This button removes the check from all the security option boxes and turns off all security options.

All On button

This button adds a check in all the security option boxes and turns on all security options.





Can Create Groups Button

(Replaces the former [ ] Add User checkbox. It is only accessible by Administrators and Superusers.)



This button is located in the Configure > Security screen, and applies to users Adding or Editing Security Group settings.

 

It relates to practitioners creating or editing other practitioners by means of the Wizard - the options configured by this button apply when assigning a Security Group in the People-Security page of the Wizard.

 



Activated by Add User / Provider

The Can Create Groups button is only accessible when the security option to Add User / Provider is checked:

 

 

If the Add User / Provider checkbox is checked ( Add User / Provider) and you do not add at least one Group to Can Create Groups, when you go to Save the configuration you will be prompted to add Security Groups:

 



Flexible assignment of Groups

For flexibility purposes there are no inherent hierarchical rules, so for example, users in the RECEP group could be enabled to create users in the DENTIST group.



Security: The responsibility lies with Administrators and Superusers to configure security groups in such a way that users cannot function beyond the bounds of their roles, or configure other users to function inappropriately.



Example - Receptionists are enabled to assign users to a single Security Group:

 

 



Example - Receptionists are enabled to assign users to multiple Security Groups:

 

 



To enable users to assign other users to security groups in the Wizard

  1. Click [Can Create Groups] to open a Configure Security Group List window.

    This opens the Configure Security Group List, where you can enable members of the currently chosen Group to create members of Groups when they use the Wizard.

    This example shows the DENTIST group being enabled to assign users to these groups: DENTIST, CALLER, RECEP

     



  2. Move Security Groups between left pane and right pane until you have the appropriate groups in the right pane, then click OK.



Edit Security Groups Up until Midnight

Administrators and Superusers can change Provider security group assignments as needed.

Historically, other practitioner security groups could not edit a Provider's assignment once it was created.
However, from v12.9 the Security Group configuration for Providers in the Provider Wizard has a buffer period for correction/editing.
For example, if you create a Provider but assign the incorrect security group, any practitioner with appropriate permissions can correct the security group up until midnight of the current day.

Example: If Provider B was created today, any practitioners with security rights to report on Providers and to access File > Providers can edit the Provider Wizard to change the Security Group for Provider B up until midnight tonight.

At midnight the Security Group text field in the Provider Wizard greys out (becomes un-editable):

 

Implications:

  • Any user with security rights to report on Providers and to access File > Providers can edit the Security Group of a Provider created today, even if they are not the original user or part of the original user's security group (a Receptionist with the above rights could edit Provider B's Security Group up until midnight today).

  • Providers can be created in a multi-step process:

    • Receptionists create them as dummy-Receptionists with the RECEPTIONIST security group, recording relevant details.

    • Then, before midnight Providers or Administrators edit them and assign them to the DENTIST or HYGIENIST security group.

  • Users can also edit their own details:

    • A user who is added to the same security group as the creator is able to log in and change their own Security Group before midnight, as they have the same level of rights as the creator.

    NOTE: Attempting to change the system clock time will not allow the user to exploit this functionality as
    - They will not be able to log into exact while the date has changed.
    - If they change the date while logged in the field will still be greyed out.



Service Security Settings

Security settings for both Services and Service Lists are differentiated by Security Group in order to provide practices with effective security controls around services.

 

( See: Security Services settings )



Dentists use two Services tabs to populate services in the Chart tab:

  1. Services List tab

  2. Base tab

 

By default all users can view the All categories of services for charting and treatment planning:

 

 



This view is controlled by checkbox settings.

Receptionist example:


However, for security reasons and also as a means to standardise and differentiate access for management purposes, Dentists and other practitioner groups may require varied access rights to the Services Lists.



To manage Chart Services List security settings for a Security Group

  1. With Administration rights, select Configure > Security.

  2. Select a Security Group (such as DENTIST).

     

  3. Open the checkbox tree through File > Patients > Chart Tab.

  4. Under the Chart tab checkbox Locate Service List and Base:

     



    Note that under these headings the SHOW ALL checkboxes are checked by default - by default users can see the SHOW ALL Service Categories.

     



    Show All

    Use the Show All options only if you want the currently selected Security Group to be able to see the All Category of Services in the Chart tab Service List and Base List.



    Examples:

     

     

     



     

     

     



    Service List Setup Wizard

    Select and de-select as appropriate:

     



  5. Remember to Save any changes for the selected Security Group:

     



  6. Repeat the procedure for other Security Groups.



Security Tree

EXACT security options are grouped in a tree format, with each item listed on the furthest left being a main category. The items shown when the tree is expanded (by clicking on the next to it) are subcategories. Expansion of a subcategory displays specific options within the selected subcategory. The tree structure follows the Menu structure of the application.

 

Access to EXACT menu items, features and processes is set up via a security tree. If a group or user has access to an item, that item will have a tick in the check box next to it. The default Security Groups can be modified by removing/inserting ticks for specific security options (by clicking on the check box with the left mouse button).

If you do not want a Security Group to have access to options in a main category, then do not tick the box for those options on the far left (such as Transactions or Reports). If a Security Group should have access to all/parts of a main category, then the box next to the category will need to be checked as well as the box for each of the items they are allowed to access.





Special Note:
By default, the "View as HTML" format option for email is turned off for all users apart from those with "super user" security privileges. This is because in some cases (if your anti-virus software is not configured or not adequate to screen email messages) it can be a potential security vulnerability.





User Names

A User Name is the code given to each user when their User File is set up, via either the User Settings configuration menu item, or the Add User/Provider menu item.

The user’s code is used to log into EXACT, and to uniquely identify that user within EXACT.

The code may be any combination of alphanumeric characters up to a maximum of 10 characters, and is typically the initials of the person, or (in small practices) their first name.

Some thought and planning should be given to the code used, especially in large practices where there may be some duplication of names or initials, where for easy administration it may be necessary to categorise users using a letter or symbol prefix to the code, such as a ‘D’ for dentist, ‘R’ for receptionist, etc.

IMPORTANT: Each employee must use a code unique to them and must not share that code with others, as EXACT tracks each user who adds, edits or deletes data and appointments.



Add a new User or Provider

(Requires appropriate Security access)

There are a two ways to add a new user or Provider from the Configure menu, and both of which require the appropriate security access:

  1. Configure > Add User / Provider. This option is used especially when the new user you wish to add is also a provider, as it enables you to set up appointment books and rosters at the same time as you are adding the user record.

  2. Configure > User Settings and click the +1 button to open the Add User window:

     





View and Edit Existing Users

Requires a login with administrator security privileges.

  1. Select Configure > User Settings.

  2. Click the

    selector button and select a user from the list (DEMO in this example) to display the User Settings window:

     

From the User Settings window, you can:

  • View and edit existing user records

  • Add a new user

  • Set up Workspace items for users

  • Set up tabs in appointment books and on charts

  • Choose to display the Appointment Book in a sidebar clipped to the right-hand side of the screen.

The following help topics describe how to perform these functions.

Options:

  • The Password can be changed in the

    field, or you can tick the User must change password at next login which will force the user to select a new password.

    Alternatively, if your security requirements are low, you can set the password to never need changing.

  • Security Group is a selection field.

  • Workspace Items, Multi Column Appointment Tabs and Charting Tabs can be set up using the Setup buttons.

  • Chart items that have been charged can be hidden from display on the treatment chart.

  • If the current User File record is for a Provider, you can click the checkbox next to Always display appointment books to display the appointment book for the current provider in a sidebar clipped to the right-hand side of the screen:



    When the provider logs in to EXACT, it will open by default with the logged in provider’s single Provider Appointment Book, otherwise the default multicolumn Appointment Book (the one that is launched when the Appointments Workspace icon is selected) will be displayed instead. If the book selection is changed during use, the user’s last selection will be retained the next time EXACT is opened.

    This option is recommended for use on larger or widescreen monitors. If you find that your screen is a little crowded as a result, edit the Provider’s user file and un-check the Always display appointment books checkbox.

After making changes, click the

Save button to save the settings then use the button in the top right corner of the window to close it.

You may need to close and restart EXACT for the changes to take effect.



Configure Users

  1. Log into EXACT using a User Name that has been assigned Administrator privileges.

  2. From the Configure menu, select ‘User Names’ as shown below:

     

  3. The following window will be displayed:

     

  4. From this window, you can:

  • View and edit existing user records

  • Add a new user

  • Set up Workspace items for users

  • Set up tabs in appointment books and on charts.



The following sections describe how to perform these functions.



Set up Workspace Items

If your security access does not include access to a specific Workspace Item you cannot add it to the Workspace Bar.

  1. Right-click the workspace bar and select Customise, or select Configure > Customise Workspace to open the Customise Workspace window:

     

     

  2. In the left pane, double-click an icon OR select an icon and click the [ >> ] button to add the icon to the right pane.

  3. Repeat for all icons as required.

  4. The right pane shows the order that icons will appear in the workspace bar. Use the

    arrow buttons to re-arrange the icons.

  5. Select OK.



Set up Tabs in the Multi Column Appointment Book

In the User Settings window, click the the Multi ApptBook Tabs setup button.



 

The Multi ApptBook Tabs setup button configures the menu options across the bottom of the appointment book:

 



  1. Click on the button to open the ‘Appointment Book Activity Bar Tabs Setup’ window as shown below:

     

  2. Click ‘Next’ to continue. A window similar to the following example will appear:

  3. If any required tabs are not selected in the right hand box, select them from the "Available Tabs" list and click the

    button to add them.

  4. If any selected tabs in the right-hand window are not required, select them and click the

    button to move them to the ‘Available Tabs’ box.

  5. In the ‘Selected Tabs’ window, use the

    buttons to order the tabs (top in the box corresponds to left in the Appointment Book window, and bottom corresponds to right).

  6. Click ‘Finish’ to complete the process.

    Back in the User File window, don’t forget to click on the

    button to save the settings then use the button in the top right corner of the window to close it.



Administrator Privelages

There are two “Golden Rules” to follow with regard to administrator users:

  1. NEVER delete your current administrator user account without first creating a new one.
    Otherwise, you may find you do not have administration privileges to your own system.

  2. The administrator user should be logged in only for as long as necessary to complete the administration task required.
    If a provider is also an administrator of the system, they will need two user codes with which they log in - one for their normal use of EXACT as a provider, and one for the administration function.

©2023 Henry Schein One International. All rights reserved.