Show/Hide Toolbars

Filopto Help Manual

AccessRights

Filopto security model enables you to control user access to the tabs, features, modules and functions in the software. Without a user profile, defining the user security access rights, the user cannot do anything.

 

"By Default users have no access rights, they need to be assigned Security Access to features and modules to be able to use Filopto"

 

The administrator can define security groups for each security (granular) level required.  For example,

 

1) a user is typically a member of multiple security groups.  Each security group he/she is a member of gives the user additional rights to use modules or features/functionality of the Filopto Software.  

 

2) Security groups define what a user can do or not do.  Typically a user will have access to multiple security groups.  For example, you can create an individual security group for every tab in Filopto and then assign only the one or many tab security group(s) that contains the tab that the user will need access.

 

The same process can be done for various security rights allowing the administrator to fine tune each users access rights by only giving them the functions and features they need.

 

To get you started, some basic security groups are already created to get your users up and running quickly.  You only need to assign them to each user profile.

 

 

 

Example of how flexible a user group can be:  You could create a user group that would only have access to the Point of Sales tab.  You could further refine access by creating a second user group for a point of sale employee which would not allow a specific user to have invoicing access. Important: if you do not give specific access to a user, the user has no access rights by default!

 

What is a User Account/Profile?

 

A user account/profile is a collection of settings and information that tells Filopto which tab, button and features a user can access, what a user can do with Filopto, what are the users preferences, and what network resources the user can access when connected to the Filopto network server.

 

The user account/profile allows a user to authenticate to Filopto so that a user is granted authorization to use the resources that the Filopto administrator has allowed.  Secure, enterprise grade systems such as Filopto don’t allow a user to use their resources without having a user account/profile.

 

In Filopto, you can manage the user accounts/profile by going to the “Configuration Manager Tab - Employee Manager” and creating an employee (user).

 

NewEmployeeProfilepng

 

Once an employee profile is created the Filopto administrator can go to the employee profile “security tab” to select from the already created access groups and activate the required access groups for the user.  User access groups are a collection of user accounts that share the same security rights and permissions.  A user account must be a member of at least one user group. By default, users have no access rights.

 

(Note: Only Filopto Administrators have access to the Employee Profile Security Tab (see Create a System Administrator))

 

UserAccount

 

Create Security Access Groups

 

The Security Group screen in the “Configuration Manager Tab - Security Manager”provides the Filopto Administrator with the ability to create New Security Groups by using the button with the same name.  

 

SecurityGroupstab

 

When selecting the New Security Group button the user is presented with the Security Group screen which contains two tabs:

 

1) the Security Access Rights list - which gives access to the various elements of Filopto

 

2) the Members of the Security Group, that list the users that have access to the security rights of the selected group.

 

 

SecurityRights

 

 

Give Security Access to a Group or User

 

Security Access Rights List

To activate an access right option place either a check mark beside the listed right or select a right level from the drop down field for the selected right. If no item is selected or if no check mark is placed beside a right the user will not inherit the right to use this feature/option.

 

User Tab Access

Place a check mark beside the tabs names you wish to give access to a group/user.  A user not having a specific Tab access will not see the tab and will not be able to access its content.

 

TabAccess

 

 

Patient File Access

Place a check mark or select an access right from the drop downs to give access to the various features and functions of the patient file and features.  Prescription access can be limited per HIPAA, PHI and PHIPA legislation.

 

PatientFileAccess

 

Patient Scheduler Access

Users can be provided with various access rights to the patient scheduler by selecting the options from the drop down field.

 

Scheduler Access

 

Recall Manager Access

Users can have access to the Recall Manager by placing a check mark.

 

RecallAcess

 

EMR/Exam Access

Users can be provided with various access rights to the EMR/Exam module.  Users having EMR Access Level rights of Read / Write can make changes to the EMR, if they are listed in the Filopto Licensing section in the Configuration Tab.  An EMR user with Read/Write access must have the rights assigned to his/her profile and be authorized and assigned to use an EMR license in the License and Services Manager located in the configuration tab.

 

As required by various legislation such as HIPAA and other PHI regulation, some jurisdictions require that certain "SPECIAL" users have access to the EMR in case of an emergency as defined by the legislation.  The EMR Emergency Access option provides the functionality required to meet the legislation requirements.  Note that users having this special access will see a check box displayed on the logon screen.  When checked the user action will be recorded for audit purposes and as required by the legislation and will give the user access to the EMR module.  Please note that the EMR emergency access must be limited to key individuals per HIPAA /PHI/PHIPA and other similar legislation requirements.  

 

The EMR Audit Log access should be limited to an administrator.  

 

EMRAccess

 

EMREmergencyAccess

 

Invoice Access

Invoice access rights can be selected with check marks and drop downs rights. Note that if users are not provided with a specific invoice changes options listed, a pop up screen will be displayed requesting a manager approval if the user tries to make any such changes without appropriate access rights.  The Manager that has such rights will need to enter their credential to approve such changes to the invoice.

 

By default not all users should have access to the rights listed if you wish to maintain accounting control and prevent possible fraudulent activities.

 

Authorize

 

InvoiceAccess

 

Lab Order Access

Users can be provided with various access rights to the Lab Orders module.

 

LabOrderAccess

 

Credit Memos Access

Users can be provided with various access rights to the Credit Memos module. The create/modify credit memo right should be considered for accounting personnel or administrative or supervisory personnel.  

 

CreditMemosAccess

 

Insurance Access

Users can be provided with various access rights to the Insurance module.  This right is required for users dealing with Insurance functions.

 

InsuranceAccess

 

Claims Access

Users can be provided with various access rights to the Claims Manager and claim functions such as voiding a claim record. Voiding claim records should be limited to your supervisory, accounting or claim administrator.

 

ClaimsAccess

 

Accounts Payable / QuickBooks Access

Users can be given access to the QuickBooks Connector and to the Accounts Payable function. these functions should be limited to the individuals requiring these functions.

 

AccountingAccessRights

Inventory Access

Users can be provided with various access rights to the Inventory Manager, vendor Manager, Pricing, EMR Billing Groups and promotional functions as well as the Purchase Order and ability to transfer stock from one office to another.  Financial pricing and stock transfer and  Purchase Order function should be limited to key individuals.

 

InventoryAccess

Reporting, Forms, Communication Manager, Ask A Question, E-Mail Manager, and Eye on Your Business

User access can be provided access to various reporting, forms, communication tools and to Eye On your Business. To limit who has access to what information from your system you should limit these functions to key individuals in your organization.  It is not uncommon to see these functions divided amongst several individuals for security reasons.

 

ReportAccess

 

Employees Profile Access

This section provides access to various employees functions (employee manager, employee scheduler, time sheets) and features in Filopto.

Making changes to employee time sheets should be limited to a key individual as not to corrupt payroll records.

 

Employees Access level relates to access to the Employee Manager

 

Can View Time Sheets relates to the employees time sheets available in the Office Manager tab.

 

Employee Scheduler Access Level gives access to the employee work scheduler.

 

 

EmployeeAccess

 

Configuration Access

This section should only be given to system administrators.  It deals with key system settings rights such as the system Security Manager, Database Manager, System Settings and Pick Lists as well as your Backup service and system licenses and Filopto Service Configuration Manager.  All of these sections are highly sensitive and incorrect use by a user can cause serious to catastrophic issues.

 

The Can use the Security Manager provides management of employee and access group rights, this includes the security tab in Employee Manager and access to the Configuration Tab - Security Manager

 

The Can View Audit Log provides the user read/view capabilities for Audit Logs in the Employee Manager and in the Configuration tab.

 

The Can use the License & Service Manager controls your Filopto Licensing and distribution of licenses to offices and users. Features like EMR and remote desktop services are managed via the licenses.

 

ConfigurationRights

 

 

Assign User Access Groups to a User

 

Go to the Employee Account/Profile Security tab (1)  and select the Security Groups Tab (2) and assign (3) the user allowed access groups to give the user the access rights needed. A list of access rights given to the user are displayed in the Security Groups grid (4).

 

UserAccount