Section 12.4   Roles

A security role is a collection of privileges in a workspace. Users can be assigned to a role and inherit the permissions defined in the role. Roles can be added to groups and will be restricted to performing the actions defined by the role in the specific work area(s) defined by the group data policy. Roles can have overriding data policies. Refer to Security Policy for instructions on setting up a Role level data policy.

Section 12.4.1                  Creating a New Role

Using the Navigation Tree, select Users>Groups>Roles. Tabs for Users, Groups, and Roles have tables that show the information related to each security level. Select the Roles tab to view a list of roles and the associated users assigned to the role and the groups the role is assigned to. Select Add New to create a New Role. You can edit, delete, or view the role settings by highlighting the group and selecting edit, delete, or details, respectively.

Section 12.4.1.1             Access to PPI/PII

By default, access to PPI/PII is turned off for users, groups, and roles. To allow a group of users to access PPI/PII turn on the access.

Section 12.4.1.2            Role Name

Give the Role a name that is descriptive. A Role is like a job title. Examples include Administrator, Project Manager, Reviewer, Approver.

Section 12.4.1.3            Groups

You can assign a role to a group from the New Role or Edit Role Menu(s). The Role will inherit the data policy of the Group it is assigned to unless you configure the data policy for the Role. A Role Data Policy will override a Group Data Policy. Refer to Creating a Security Policy for instructions on setting up a Role level data policy.

Section 12.4.1.4           Users

Assign Users to the Role. This allows you to set the policy one time for many users. You can set up a separate policy for users. Refer to Security Policy for instructions on setting up a User Level Policy.