1 / 33

CPS Security Best Practices

CPS Security Best Practices. Angela Jarrett CPC, CMPA Implementation/Training. Agenda. Security Overview. Security Overview. Authentication Method Selection. The selection of authentication method is found within the CPS Server Setup. Selecting an Authentication Method. Active Directory.

kenyon-mcbride
Download Presentation

CPS Security Best Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CPS Security Best Practices Angela Jarrett CPC, CMPA Implementation/Training

  2. Agenda

  3. Security Overview

  4. Security Overview

  5. Authentication Method Selection The selection of authentication method is found within the CPS Server Setup.

  6. Selecting an Authentication Method Active Directory Application Provides the ability, within CPS to: Manage groups and users Password requirements Provides the ability, within Windows Active Directory to: • Manage groups and users • Password requirements Note: Certain applications i.e. VisDoc require the use of Windows Active Directory Authentication.

  7. Configuring Active Directory Settings

  8. Automatically Create Users

  9. Configuring CPS Authentication Settings

  10. Security Groups Security Groups must be created and users attached priorto configuring security. Users will not appear in the group until after they first log into CPS.

  11. Creating Users

  12. User Required Fields • CPS allows the configuration of Required Fields when building users. • These windows function identically to the existing Registration Required Fields window.

  13. User Attributes Attributes allow the determination of users who require: • Schedule Templates – Schedule Templates for booking of appointments. • Billing Provider – Configuration of Billing Identification and Billing Fee Schedules • Chart Contributor – Access to perform chart updates. i.e. Nurses, Providers.

  14. Configuring User Attributes, Linking Username

  15. Responsible and Other Providers

  16. Who is a Responsible Provider?

  17. Who is an Other Provider?

  18. CPS ‘DoctorFacility’ Table Values

  19. Assigning Security

  20. Notable Security Permissions - Administration

  21. Notable Security Permissions – Other The following permissions allow users to: • Billing – Access visits • Business Reports • Assign Security – Assign permissions to others i.e. users with access to load custom reports • Design Mode – Customize Collection or Appointment Reminder Letters • Statements – Run individual or bulk statements • Registration>Delete Patient – Delete patient without data i.e. new patient cancels/no show appointment • Schedule>Saved Schedules – Modify drop down menus when accessing the patient schedule. • Visit>Patient Payment – Required to enter time of service patient payment • Delete Transaction – Delete a payment, adjustment or transfer • Visit • Transaction Management

  22. User Preference Groups

  23. Selecting a User Preference Group

  24. Assigning Security – Reports • May be assigned at a folder or report level. • Active Reports: It is recommended to only allow execute permissions to individuals with full understanding of the report. • Click to select/highlight the folder or report to ensure the correct selection. • When loading a report, the user must assign permissions to others.

  25. Report Security Permission Definitions • Execute: Run report with default criteria • Edit: Modify Report Criteria • Create: Create folders or move report to selected folder. • Delete: Delete report or Move report to another folder.

  26. Considerations and Recommendations

  27. Authentication Method • Determine the authentication method priorto user creation in order to minimize duplicate users. • Continue to use Active Directory to manage groups and users. • Uncheck ‘Automatically Create Users’ to minimize duplication.

  28. Security Groups and Membership • To minimize permission conflicts, assign users to only one CPS security group. • To assign allow permissions, select the Group. • Unless a group explicitly attached to a permission or component, CPS assumes the group is disallowed.

  29. Users and Permissions • If a provider intends to log into CPS in the future, it is recommended to create the individual as a user with Billing Provider attributes. Do not create as a Billing Resource. • Disallow permissions override allow permissions. • Disallow users within the allowed group as an exception. Example: CPS_Admingroup is allowed, but jsmith (admin) is disallowed.

  30. Billing Resource Management • Billing Resources are providers that will never log into CPS. • If the provider becomes a user, you may click ‘Promote to User’ to promote the provider to log in to CPS.

  31. Reports Security • Use Fill Down with Caution • Determine specific groups/users for all active reports • Grant Assign Security Permissions to individuals who: • Load Reports • Copy Reports, Letters • Grant Design Mode permissions to individuals who customize reports and letters i.e. appointment reminders, collection letters.

  32. Helpful Resources • Use the About Permissions topic in CPS Help for suggested access levels. • Use the CPS 12 Security Workbook provided to assist in planning and managing security permissions.

  33. Download all conference presentations at visualutions.com/ug14conference Thank you. Join our newsletter and stay up to date! visualutions.com/newsletters

More Related