Understanding Security

Security is an important component in safeguarding patient data and complying with HIPAA rules and regulations. AcuityLogic requires that you set up security so that each user must have a defined role with login credentials to view or maintain patient information.

AcuityLogic leverages a role-based security system, which allows you to control how loosely or how tightly security is implemented in your practice.

A role is a job or a function within your practice. For example, Service Associate is a function within your practice that generally requires entering patient demographic data, scheduling appointments, receiving copayments, etc. You can easily think of a list of tasks within your own practice that the service associate role would need to perform as well as those of Billing Clerk, Dispenser, and Doctor. AcuityLogic allows you to establish which sections of the system each role can access.

It is not uncommon for one person in your practice to fill multiple roles. For example, a single person in your practice may work in the capacity of Sales Associate, Ophthalmic Tech, and Dispenser. AcuityLogic allows you to assign multiple roles to each individual in your practice, thereby enabling users to access the various portions of the AcuityLogic system that they need to perform their various job functions.

As illustrated below by John and Susan, multiple security roles can be assigned to each doctor or staff member. The same security role can be assigned to multiple staff members when their duties overlap. In this case, both John and Susan are assigned to the Dispenser role. AcuityLogic offers several security roles that you can customize to the needs of your practice.

When one person is assigned multiple roles, he or she has access to the highest level of access granted by the roles. For example, if Sally is assigned the Sales Associate role, and the Sales Associate role is configured to access most of AcuityLogic POS, Sally will be able to perform tasks only in AcuityLogic POS. If you then assign the System Admin role to Sally as well, then Sally can access all of the AcuityLogic modules because the System Admin role supersedes the Sales Associate role.

Each role is made up of building blocks, called access options, which determine which parts of the AcuityLogic system a person with that security role can access. You might think of access options as all the various tasks that someone would need to perform. You can link individual access options to roles, or you can even give a role full access to a complete AcuityLogic module (such as AcuityLogic Admin) or to the entire AcuityLogic system.

Security roles are made of access options that allow the role to perform specific actions in AcuityLogic. In the following example, any users who are assigned the Dispenser security role can print lab orders, apply discounts, and process patient order remakes.

If a team member has access to an AcuityLogic module, but no options assigned to their role for a menu in that module, they will not see that menu choice when they log on to the module. In the following example, the Tool menu is not available.

Related Topics