Understanding Security
Security is an important component in safeguarding patient data and complying with HIPAA rules and regulations. AcuityLogic requires that you set up security so that each user must have a defined role with login credentials to view or maintain patient information.
AcuityLogic leverages a role-based security system, which enables you to control how loosely or how tightly security is implemented in your practice.
A role is a job or a function in your practice. For example, Service Associate is a function in your practice that generally requires entering patient demographic data, scheduling appointments, receiving copayments, and so on. You can easily think of a list of tasks in your practice that the service associate role must perform as well as those of Billing Clerk, Dispenser, and Doctor. AcuityLogic enables you to establish which sections of the system each role can access.
It is not uncommon for one person in your practice to fill multiple roles. For example, a single person in your practice may work in the capacity of Sales Associate, Ophthalmic Tech, and Dispenser. AcuityLogic enables you to assign multiple roles to each individual in your practice, thereby enabling users to access the various portions of the AcuityLogic system that they need to perform their various job functions.
As illustrated below, multiple security roles can be assigned to each doctor or staff member. The same security role can be assigned to multiple staff members when their duties overlap. In this case, both John and Susan are assigned to the Dispenser role. AcuityLogic offers several security roles that you can customize to the needs of your practice.
When one person is assigned multiple roles, he or she has access to the highest level of access granted by the roles. For example, if Sally is assigned the Sales Associate role, and the Sales Associate role is configured to access most of AcuityLogic POS, Sally can perform tasks only in AcuityLogic POS. If you then assign the System Admin role to Sally as well, Sally can access all of the AcuityLogic modules because the System Admin role supersedes the Sales Associate role.
Each role is made up of building blocks, called access options, which determine which parts of the AcuityLogic system a person with that security role can access. Think of access options as all the various tasks that someone needs to perform. You can link individual access options to roles, or you can even give a role full access to a complete AcuityLogic module (such as AcuityLogic Admin) or to the entire AcuityLogic system.
Security roles are made of access options that enable the role to perform specific actions in AcuityLogic. In the following example, any user assigned the Dispenser security role can print lab orders, apply discounts, and process patient order remakes.
If a team member has access to an AcuityLogic module, but no options are assigned to his role for a menu in that module, he will not see that menu choice when he logs on to the module. In the following example, the Tools menu is not available.