Configuring Semi Relaxed Security

Abstract

Capable 21C supports a security feature that allows different operators to have different levels of access to the Capable 21C functionality. Whilst this allows very high levels of security, some offices do not want to mandate that their staff should have to key passwords every time they want to make an appointment. This article describes how to configure Capable 21C with tight security around high risk functions, but relaxed security around the day to day functions.

Underlying challenge

It is possible to remove an operator's rights to the Setup menu, which could potentially lead to a situation where the operator could no longer alter the security rights of other operators. Whilst this is ideal for some operators, if it were done for all operators (or if the password is forgotten for the operator that retains these rights), a problematic situation could develop. Care should be taken when altering the security rights for various operators. In the resolution section below, specific steps are provided for configuring security correctly.

Resolution

To enable Capable 21C's security features, the following overall steps should be followed:

  • Create operators within Capable 21C for each staff member that will use the software. To access this functionality, go to Setup|Setup Operators.
  • Ensure that each operator has a password, and that they know their password (note that passwords are case sensitive).
  • Ensure that each operator has appropriate security rights bestowed. Refer to the detailed instructions below for more specifics about security rights.
  • Create a dummy operator that has no password, and has very limited security rights. The 'Minimal' security template is suggested for this operator.
  • Once all operators are configured, go to Setup|Settings and enable password security (on the General tab).
  • Close Capable 21C and restart it.
  • Log on the dummy operator.

Day to day usage

Now that Capable 21C's security system is enabled, an operator must be chosen when starting a shift, and an operator should be selected for day to day operations. To minimize the number of times that operators need to enter their passwords, the following guidelines are suggested:

  • Operators should log on when they start work, and log off when they finish work. The dummy operator will be left permanently logged on.
  • Operators should start the shift using their own account (and their own password).
  • Once the shift is started, the dummy operator should be selected for general use.
  • Operators should only select their own account if they need to access features that are not accessible to the dummy account. When finishing using their own account to access these features, the dummy account should be reselected.
  • Refer to the Fundamental Training website for more detail about logging on, logging off, and selecting yourself as the current operator.

Detailed Information

There are five fundamental security templates for operators. These are as follows:

  • Total Access security is intended for the office owner, or administrative manager. This security clearance grants rights to all functionality. Refer to KB-Security Settings for new features for additional information about this setting.
  • Senior Access security is intended for experienced and trusted staff. It grants the rights to perform all day to day functions as well as statistical and financial reports. It also grants the rights to delete and erase data. It does not grant rights to access the Setup menu.
  • Minimal Access security is intended for new or untrusted staff. It grants the rights to perform day to day functions. It does not grant access to statistical reports, and does not grant the rights to delete transactions other than during the Cashing Up procedure.
  • Treatment Room Access is the tightest security template, granting only the ability to access Visit Notes via the Patients Checked In window.
  • Custom access is automatically selected when the Customise button is used to configure the security settings manually. In this mode, individual menu items can be enabled and disabled. Normally, this kind of security setup is not encouraged, as it can be difficult to remember the exact security configuration when another new operator is introduced to the system. If offices intend to configure security manually, Capable Software recommends that the office document precisely which options should be enabled and disabled.

Note that the following options can also be used to tighten security further:

  • When Treatment Area access is chosen, the operator still has rights to the To Do List. A clever operator could exploit this access to gain access to the Patient Information and Editing window (which would not normally be accessible to them). To prevent this level of access:
      • Go to Setup|Setup Operators.
      • Double click the operator in question.
      • Go to the Password tab.
      • Click Treatment Area Access.
      • Click Apply.
      • Click the Customise button.
      • Choose the To Do List menu.
      • Disable the Add an Item to the To Do List option.
      • Close out of the Setup windows.
  • Operators can also be denied access to see certain appointment books. This can be useful in multi-modality offices where practitioners are configured as operators but should not be granted the rights to see each other's appointment books. To do this:
      • Go to Setup|Setup Operators.
      • Double click the operator in question.
      • Go to the Password tab.
      • Set the Limit to Service Provider dropdown to limit appointment book access.
      • The Limit Transaction Summaries tick box can also be enabled for tighter security.
      • Close out of the Setup windows.

Whilst security can be tightened in this manner, it is also useful to carefully specify the mode for each PC in the office. Treatment Area security will only be effective if the PC is in Treatment Area mode. Refer to the training videos in the Advanced Training website for more specifics about this kind of security.

Note that physical security is a significant component of an overall security strategy. If staff can easily access the server (or server PC), or if they have easy access to tools such as Microsoft Access, staff will be able to manipulate and modify the Capable 21C database with ease. If an office intends to prevent this kind of access, a local computer technician should be consulted on ways to limit access to the server and Microsoft Office applications on each staff member's PC.

This knowledge resource is designed for use on a Windows (tm) XP system operating at a screen resolution of 1024x768 or better. Windows Media Player must be installed for this training resource to operate correctly.

Copyright 2008 Capable Software Pty Ltd
