Security

Question 1

What is the Ser Master file?

Answer 1

````````````The provider (SER) master file can be thought of as a directory of clinicians and resources affiliated with your organization. The provider master file includes one record for every clinician who provides care to your patients, as well as other schedulable resources.

Question 2

What is clinical authority?

Answer 2

A person’s provider record also records their clinical authority, including whether they can:
Authorize medications or other orders
write orders in the hospital
admit or attend on patients

A provider record is also used to track referrals to or from a particular provider.

Question 3

True or False: There is one provider (Ser) record for each person or resource meeting?

Answer 3

True, there is one provider (ser) record or each person or resource meeting ANY of the following criteria:
* C has credentials
*A Authorizes orders
*R Can be referred to or send referrals
*S- Can be scheduled

Question 4

What is the EMP Master file?

Answer 4

The User master file contains one record for every person who logs into your instance of EPIC. your user records contain your login ID and password and links to security settings that determine what functionality you can access.

Question 5

If someone needs to log into the system to complete their job, what user do they use?

Answer 5

They need a user record.

Question 6

What type of templates are EMP records?

Answer 6

User templates are EMP records that are used to configure groups of users. they allow for build and maintenance of user settings in one location that is linked to by other user records. For instance, all inpatient nurses can be assigned the same template which controls their security, user role, and more. If a change is needed, it can be made once in the template instead of needing to update each nurses user record individually.

Question 7

What is the ECL master File?

Answer 7

It is security and it is used to give access or permission to activities and information within EPIC.

Question 8

What does Security (ECL) do?

Answer 8

Security is used to give access or permission to activities and information within EPIC.

• Video-They collect information about what a user is able to do. It is a key ring/card lets people do things. access to functionality. Depending on the security class, it lets you run reports, edit criteria, create public report columns, edit query template.

Question 9

What are the two key security concepts:

Answer 9

Security points and Security class

Question 10

What does security point do?

Answer 10

Security point grants access to one feature within epic. Think of these like a key that grants you access to one room.

If a user has a security point, they have access to an activity. if they do not have the required security point, then the activity will not be available to them; they wont even see it.

Question 11

What does security class do?

Answer 11

security class does grouping of security points that grant access to related activities and functionality in an epic application. Think of this as a ring of keys.

Question 12

True or False: security classes are application specific?

Answer 12

True, security classes are application specific and attach to a user or template record. Any given user could have upwards of 15- different key rings (Security classes) depending on their job responsibilities. The more applications they need to access, the more security classes they will have.

Question 13

What is a user role (E2R)?

Answer 13

The user role record defines the visual appearance (or layout) of hyperspace. It works very closely with security in determining how a user can get to a given activity. It is attached to a user or template record and is required to log in to Hyperspace.

Question 14

The Cogito form in the user security can be used across all of our tools to limit which data a user sees in their results. What are some examples of when these values ?

Answer 14

*Some slicerdicer data models require a user to have an authorized service area. Without one, the data model is completely inaccessible.

*SlicerDicer data models can filter results automatically using the service areas listed.

*Many workbench templates use required “Dynamic” Parameters that filter by these values whenever the report is run. This means two users running the same HRX would see different results cased on the values stored here.

*Dashboard summary level parameter selection is limited to the values stored here for all users viewing a dashboard.

Question 15

For user roles in the security section, what do user roles define?

Answer 15

The user role record defines the visual appearance (or layout) of hyperspace.

Question 16

In the section of User Role (E2R), it talks about user role records, What are some things a role record controls?

Answer 16

Some of the controls are:
What startup open automatically upon logging into hyperspace

What buttons you have access your hyperspace toolbar and under the epic menu

How long the system will stay idle before logging you out.

Question 17

In a workbench report action security, what are the two main types of actions that can appear at the top of a report?

Answer 17

Activity based actions and extension based actions.

Question 18

In workbench report action security what is an activity based action?

Answer 18

An activity based action jumps the user to a place in hyperspace. This could be opening the patients chart, creating an encounter, or opening any other activity. These types of actions are assigned to the template in the template editor.

Question 19

In workbench report action security what is an extension-based action?

Answer 19

Extension based actions execute M code when click. This could include setting a flag in a record or populating data in a record.

Question 20

How would you assign extension based actions to templates and reports?

Answer 20

Assign extension-based actions to templates and reports on the actions tab of the analytics system settings activity.

Question 21

True or False: Extension based actions are records in the HGA master file?

Answer 21

True, extension based actions are records in the HGA master file. to view the action groups on an extension based action, find the record in the record viewer.

Question 22

What are report groups?

Answer 22

Report groups are the primary means of distributing cogito content.

Question 23

When is a user granted access to content?

Answer 23

A user is granted access to content if both of the following are true.

• The user has a security class that grants them the appropriate functionality to view/run that content.
• the user and content share at least one report group.

Question 24

How would you determine who may see a template and its reports?

Answer 24

Assigning a report group to a template is just one part of making a template available to users. For a template to be available. it must be configured. For a template to be configured, it must have:

*One report type assign to it
*at least one report group.

Question 25

True or False: You can assign report groups at the report level instead of the template level?

Answer 25

True, you are able to assign report groups at the report level instead of the template level if the use in the group should not have access to all reports made from a template.

Question 26

True or False: Do groups assigned at the report level override the groups set at the template level?

Answer 26

True, groups that are assigned at the report level override the groups set at the template level for that report. Groups assigned at the eport level often lead to more long term maintenance.

Question 27

Where can you assign a report group to a public report?

Answer 27

You can do this in the metadata editor in the analytics catalog. You can also do so in the report settings window while editing the report. On the general tab, in the report access section, you can see the report groups inherited from the template and add in report level overrides.

Question 28

True or False: You cannot distribute dashboards to large groups of users with the same report group or user type?

Answer 28

False, you can distribute dashboards to large groups of users with the same report groups or user type, and/or assign individual dashboards to specific users for ease of setup and maintenance.

Question 29

How would you distribute dashboards by report groups?

Answer 29

You can assign report groups to dashboards either by:
*Editing the dashboard’s details in the metadata editor or
*listing the report group on the access form in the dashboard editor.

Question 30

What are User Types?

Answer 30

Epic builds and maintains user types. They are used to broadly describe a user’s responsibilities and capabilities in the system. For most users, the system automatically assigns user types upon login, but your organization can also explicitly assign user types to user records.

Question 31

How would you distribute dashboards by User Types?

Answer 31

Assign user types to dashboards in the same places that you assign report groups.

Question 32

What happens when a user and a dashboard share a user type?

Answer 32

If a user and a dashboard share a user type, the user can access the dashboard.

Question 33

True or False: you can distribute dashboards by User Security?

Answer 33

True, sometimes report groups and user types are insufficient for your desired dashboard distribution strategy. Setting up access to dashboards through user records or user templates is another option to distribute dashboards.

Question 34

True or False: You grant access to a dashboard to the individual user record?

Answer 34

True, to grant access to a dashboard on the individual user record, you must access the Radar form of the users record in User Security.

Question 35

True or False: If a user and a component share any report group or user type, the user can add the component to the main dashboard?

Answer 35

False, the user can add the component to the dashboard view not the main dashboard.

Question 36

Where would you assign report groups in a component?

Answer 36

Assign report groups and user types to components in the metadata editor or on the distribution form of the component editor.

Question 37

True or False: A builder can add any component to a source dashboard, regardless of the report groups?

Answer 37

From the designer UI or the dashboard editor, a builder can add any component to a source dashboard, regardless of the report groups attached to that component or user. Report groups only control what components a user can add to their own dashboard views?

Question 38

True or False: report groups do not control what components a user can add to their own dashboard views?

Answer 38

False, Report groups only control what components a user can add to their own dashboard views. If a user and a component share any report group or user type, the user can add the component to any dashboard view.