Security: User Profiles
A user's Security profile determines their user name, user group, employee and/or provider association, and Alert subscriptions. Passwords can be assigned here, but each user can also change their password via the File menu (see Change Password). If using Clinics, users can have a default clinic, and optionally be restricted to certain clinics.
Note: For HIPAA compliancy, each user should have a unique, protected password that only they know. This is especially important for providers because some actions performed when the provider is logged-on are the same as "signing off", such as writing procedure notes or electronic prescriptions.
To open a user's profile, on the Security window, click Add User or double click on an existing user to edit.
User tab: Associate the user with a user name, user group, employee and/or provider.
Clinics tab: Only visible when using Clinics. Set a default clinic and optionally restrict user access to clinics.
Alert Subs: Subscribe the user to alerts.
Create Password: Create a temporary password for a user.
User Name, User Group, and Employee/Provider Association
On the User tab, enter the user's user name, assign a user group, and associate user to an employee and/or provider.
- User ID: A system generated unique identifier that is useful for third party reporting.
- Name: The user name when Logging On to Open Dental.
- User Group: This assignment will affect the user's Permissions and any user group Lock Date limitations. To add options, see User Groups.
- Employee: The Employee the user is associated with. An employee association is required if the user will use the Time Clock.
- Provider: The Provider the user is associated with (if any). This is important for EHR since a provider must be logged on to count for some measures.
- In version 16.1 and greater, a user can be associated to both an employee and provider.
- In 15.4 and earlier, a user can only be associated to one or the other. Thus for a provider to use the time clock (e.g. a hygienist), he needs two user profiles: one user associated with a provider (to track appointments procedures, production and income) and one user associated with an employee (to track employee time clock events).
Assign the user a temporary password they can use to log in.
- Once logged on each user should immediately change their password to a unique password only they know. See Changing Passwords.
- Password requirements are determined by the two settings in the Security window. If passwords do not meet requirements, you will receive a notification message. Strong passwords must be at least 8 characters and have at least one number, one uppercase letter, and one lowercase letter.
If strong passwords require special characters, it must also contain a symbol such as $, #, >.
- Click Create Password.
- Enter the password. Check Show to view the password as you type instead of asterisks *.
- Click OK to save.
Assigning a Default Clinic to a User / Restricting by Clinic
If using Clinics, use the Clinics tab to assign each user a default clinic and optionally restrict clinic access.
- User Default Clinic: Highlight the user's default clinic. Only one option can be selected. If All is selected, Headquarters will be the default. Usually this clinic be selected automatically when the user logs on. See Clinics for additional logic.
- User Restricted Clinics: Restrict the user's access to one or more clinics.
- Highlight the clinics the user should have access to. To select multiple clinics, click and drag, or press Ctrl while clicking.
- Check the Restrict user to only see these clinics box.
- Click OK to save.
If restricted, a user will be limited to specific clinics in the following areas:
When providers are restricted to clinics, in may affect the available provider options in some areas (e.g. only providers who have access to a clinic are options). These areas include:
Example: If Provider A is restricted to Clinic A, Provider A will not be an option for primary or secondary provider when editing patient information for a patient assigned to clinic B.
Assigning User Alert Subscriptions
Each user can subscribe to alerts that show in the main menu (Alerts) when the user is logged on. See Alerts.
When a User Leaves the Practice
When an Employee Leaves the Practice, you can hide their user profile by checking Is Hidden on the User Edit window. This will hide the user from the Security Log On window. Users cannot be deleted.
Other Setup Options
Another option is to setup multiple 'users' for each employee, each with different permission levels. The 'user' with minimal permissions could be used routinely, then when they need to perform an action that is a security risk, they would log off, then log on as a different 'user' with more permissions.