How does role-based access control work?
Role-based access control is a security mechanism that restricts system access to authorized users. Each user has a specific role, which determines the privileges they are granted.
Each action a user performs within the system is checked against their role, and the user is granted access only to the information required for the task, as specified in the configured role. This minimizes permission management: once roles with specific permissions have been created, permissions do not have to be created one by one, and users are simply assigned to roles according to their needs. Information is thereby protected from malicious users, who are prevented from accessing information not relevant to them.
Using Office Puzzle's built-in role-based access control, you can control the actions that are performed on every page within the system, such as create, read, edit and delete. Each action is authorized or denied according to the user's role, which avoids unexpected changes and protects information.
The PROVIDER roles in the system are as follows:
PROVIDER_LEVEL_1: Accesses all customer information, creates documents and events, uploads files, and collects data.
PROVIDER_LEVEL_2: Same as PROVIDER_LEVEL_1 with the additional ability to modify the service plan and review documents from other providers to mark them as read-only.
PROVIDER_ADMIN: Same as PROVIDER_LEVEL_2, but additionally can modify all customer information such as demographics, addresses, authorizations, required documents, etc.
The ADMIN roles in the system are as follows:
ADMIN: Has full access to the agency, users, and clients.
ADMIN_HR: Accesses all agency-level information related to human resources, like Management of in-services, Payroll, New users, etc. Has limited access to clients, but full access to providers.
ADMIN_CLINICAL: Manages all agency-level information related to the clinical side. Has limited access to users, but full access to clients.
ADMIN_OPERATIONS: Accesses agency-level information, like Users, Calendar, Reports, Documents, etc. Has limited access to the agency, but full access to providers and clients.
ADMIN_BILLING: Accesses claims at agency level. Has limited access to agency, but full access to Billing.
ADMIN_READONLY: Accesses the agency, users, and clients, but without creating, editing or deleting anything.
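The sketch below is an added example, not Office Puzzle's own code. It shows how a layered role model like the PROVIDER roles above can be enforced with a deny-by-default check per page and action. The page names (customer_info, service_plan, and so on) and the exact grants are assumptions read off the role descriptions.

```python
# Added illustration: page names and the exact grants are assumptions read off
# the role descriptions, not Office Puzzle's real permission table.
ACTIONS = {"create", "read", "edit", "delete"}

# role -> (parent role it extends, grants added on top of the parent)
ROLES = {
    "PROVIDER_LEVEL_1": (None, {
        "customer_info": {"read"},
        "documents": {"create", "read"},
        "events": {"create", "read"},
        "files": {"create", "read"},
    }),
    "PROVIDER_LEVEL_2": ("PROVIDER_LEVEL_1", {
        "service_plan": {"read", "edit"},
    }),
    "PROVIDER_ADMIN": ("PROVIDER_LEVEL_2", {
        "customer_info": {"edit"},
    }),
    "ADMIN_READONLY": (None, {
        "agency": {"read"}, "users": {"read"}, "customer_info": {"read"},
    }),
}


def effective_grants(role):
    """Merge a role's grants with everything inherited from its parents."""
    merged, seen = {}, set()
    while role is not None:
        if role in seen or role not in ROLES:
            return {}  # cyclic or unknown role: fail closed
        seen.add(role)
        parent, grants = ROLES[role]
        for page, actions in grants.items():
            merged.setdefault(page, set()).update(actions)
        role = parent
    return merged


def is_allowed(role, page, action):
    """Deny by default: allow only an action explicitly granted to the role."""
    if action not in ACTIONS:
        return False
    return action in effective_grants(role).get(page, set())


if __name__ == "__main__":
    for r in ROLES:
        print(r, "may edit customer_info:", is_allowed(r, "customer_info", "edit"))
```

Because each higher role only lists what it adds, a grant removed from PROVIDER_LEVEL_1 disappears from the roles built on it as well, and any role, page or action missing from the table is refused.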