Adjusting System Access

Question 1

Define: Security Class

Answer 1

SECURITY CLASS - security points grouped together as are appropriate for a particular group of users.

The security class is attached to the template that represents that group.

Security classes can be shared between multiple User templates, or specific to a single template.

i.e. Pharmacy technicians all share a Willow security class name “RX technicians” - The security class is attached toe the Willow Inpatient Technician Template

Question 2

Define: Security Point

Answer 2

Access to activities and functionality in Epic is controlled by SECURITY POINTS (access!)

There are thousands of security points used by Epic’s various applications, and any given user might need a few hundred specific points.

Some security points control access to entire activities (i.e. verify)
Other security points control discrete functionality within an activity (i.e. dispense)
(i.e. Willow Security point 1 - Verify Orders for pharmacists and Willow project team but not for Technicians)

Question 3

Difference between security point and security class

Answer 3

The ability to manually dispense a dose of a medication order is controlled by Willow security point 7 – Dispense order. If a user has that security point, they can click the Dispense button in the Medications activity, the Order Hx activity, or the In Basket.

But a user could have access to the In Basket and not have Willow security point 7. This means they could read In Basket messages but they wouldn’t see the Dispense button on any medication messages.

Question 4

Identify which Willow security class is affecting a user

Question 5

Identify all the templates and users affected by a security class

Question 6

Edit the points that a security class contains

Question 7

Explain the difference between security points and security classes

Question 8

Explain The relationship between security points, security classes, templates, and users

Question 9

Explain why you may need to edit a security class

Question 10

Explain when you might need to duplicate and edit a security class

Question 11

How does a security class get attached to a user?

Answer 11

via the user’s template

Question 12

How can you tell what templates and users will be affected by changing a security class?

Answer 12

Open the security class and look at the Usage Report tab.

Question 13

Imagine that your organization does a tech-check-tech workflow, and so you want all your technicians to have access to the Dispense Checking and Compound and Repackaging Check activities.
Which of the follow would you need to EDIT?
A. Each technician’s User (EMP) record
B. The Willow Inpatient Technician template record
C. The Rx Technician security class record
D. All of the above

Answer 13

C. The Rx Technician security class record.
Changing a security class will affect everyone who uses it, and all the technicians should be using that security class (because it’s linked via their template).

Question 14

You can’t assign individual security points directly to individual users. All security points must be assigned via security classes.
Each template (and thus each user) can be linked to only one of each type of security class.
Thus, any given user must get all their Willow security points from one and only one Willow security class. If you have two groups who need access to a similar-but-not-identical set of activities, then you need two separate security classes.

Question 15

A new feature is released, and you want all your technicians and pharmacists to have access to it. It’s controlled by Willow security point 999. Which of the following records do you need to EDIT to make this happen?
a. The pharmacists’ individual User (EMP) records
b. The pharmacists’ template
c. The pharmacists’ Willow security class
d. The technicians’ individual User (EMP) records
e. The technicians’ template
f. The technicians’ Willow security class

Answer 15

C and F. You need to add point 999 to both security classes.
Each group of users is already linked to the appropriate template, which is already linked to the appropriate security class. Changing the class will thus affect all the users. (You might open an example user from each group to figure out what security classes to edit, but you don’t need to actually CHANGE anything in those records.)

Question 17

Normally pharmacists in your hospital don’t have the ability to edit and create SmartTexts, but you would like a few particular pharmacists to have that ability. This is controlled by point 11 on the Shared type of security class. Pharmacists currently all use the Rx Shared Pharmacist security class record, which does not currently have point 11.

Which of these do you need to do? (Choose ALL that apply.)
a. Add point 11 to the Rx Shared Pharmacist security class.
b. Duplicate the Rx Shared Pharmacist security class and add point 11 to the duplicate.
c. Create a new template (copying settings from the existing pharmacist template), and attach the particular pharmacists to this new template.

Answer 17

B and C are correct. Choice A would give all pharmacists the new security points, rather than a subset. Instead, you should duplicate the existing security class and add security points to the new one.

Question 18

**Name the 6 types of security classes that a Willow Inpatient user is likely to have

Answer 18

1. Willow
2. Inpatient
3. EpicCare
4. Shared
5. In Basket
6. Reporting Workbench security classes

Willow- Pharmacy-specific functionality
Inpatient - Activities and functions within an admitted patient’s chart (e.g. MAR, Medications, Notes, Orders)
EpicCare - Activities and functions in outpatient chart, and “common” clinical functionality (like Chart Review or the ability to sign medication orders)
Shared - Tools that any user (including non-clinical users) might use, such as SmartPhrases and Phone Book
In Basket - In Basket and features within it
Reporting Workbench - View, run, edit, and create Reporting Workbench report