Security Module
Security Overview
All user and group management is conducted in the Security module.
Every user in Novari ATC belongs to at least one group. The group a user belongs to defines what that user is permitted to do, and prohibited from doing, in the application. These constraints are referred to as a group’s Access Level and Privacy Level.
Security Navigation Menu and Dashboard
Select the Security module on the Main page to open the Security – Dashboard.
Menu | Item | Action |
Main | Main | Return to the Main page |
Main | Log Out | End your Novari ATC session |
Main | Dashboard | Displays the Security dashboard |
Users | Manage Users | Displays the list of users for you to manage |
Groups | Manage Groups | Displays a list of groups for the selected health center for you to manage |
Groups | Manage Users in Groups | See the users in a selected group from a selected health center and remove one or more if needed |
Groups | Manage Users in Groups | Displays the list of users and the groups the user belongs to and allows you to manage group membership. Can be displayed by group instead of by user if you need to see which users belong to each group. |
Groups | Create a New Provider Group | Displays the Create a New Provider Group page so you can add a new provider group |
Groups | Create a New Pool Group | Displays the Create a New Pool Group page so you can add a new pool group |
Understanding Novari ATC Access and Privacy Levels
Controlling access to the Novari ATC application is handled through groups. Users inherit the permissions assigned to the groups to which they belong. There are three steps:
Setting the ‘Application Type’.
Setting a ‘Privacy Level’.
Setting a ‘Privilege Level’.
The Application Type (also known as applications or modules), together with the Privilege Level, define where a user can navigate and what actions they can take, respectively. These two settings make up the Access Level of the group. The Privacy Level determines what information a user can see in any accessible region of the application.
Application Types
The Application Type determines which modules of the application a group will grant a user access to. A group may grant access to many Application Types.
The available Application Types are:
Administrator: The user will have access to the Administrator module. Generally, site administrators would use this module.
Provider’s Office: The user will have access to the Provider’s Office module. Generally, medical office assistants would use this module.
Reports: The user will have access to the Reports module and the reports for the given providers/pools. There are also administrative reports and custom reports. Generally, all users may use this module.
Care Venue: The user will have access to the Care Venue module. Generally, the care venue’s OR booking clerks would use this module.
Pre-Surgical Screening: The user will have access to the Pre-Surgical Screening module. Generally, the PSS clerks and nurses would use this module.
WTIS Data Entry: The user will have access to the WTIS Data Entry module. (This may be used by hospitals that do not report directly to WTIS via an interface.)
Patient Registration: The user will have access to Patient Registration module. Generally, a hospital’s registration staff would use this module.
Security: The user will have access to the Security module. Generally, site administrators would use this module.
eRequest: The user will have access to the eRequest module. Generally, site administrators would use this module.
USER PREFERENCES. ALL USERS HAVE ACCESS TO THE USER PREFERENCES MODULE. THAT IS WHY IT IS NOT IN THE LIST OF APPLICATION TYPES.
Privilege Levels
The Privilege Level controls whether a user can make changes to the wait list, for example, add patients, perform audits, schedule surgical procedures. The options are:
Full Access: The user has full access to the functionality of the pages they visit.
Read-Only Access: The user may only take actions which do not alter the state of any cases. In this case, a user would not be able to create a new case or schedule an appointment; however, a user with read-only access can, for example, view lists, cases, schedules, and reports and print an OR Booking form.
Privilege levels are assigned to a user when managing a group. Within a group, a user can have access to different modules, for example Provider’s Office or Reports. For each module, each user can be assigned Full Access or Read Only Access. Thus, a user may have, for example, full access in Provider’s Office, but read-only access to Reports.
When a user belongs to more than one group and the groups have different privilege levels, the user gets the most restrictive.
Providers in this group have permission to three modules. For Provider's Office, only two providers have access; one with Full Access and the other with Read Only Access.
Avocado, Toast has Full Access to Provider's Office but Read Only Access to Reports.
To assign a privilege level to a provider:
Create a new group or modify an existing group
Select the module from the Providers with permissions in list
Add one or more providers to the module by selecting them from the list of providers and selecting Add Selected
For each provider, accept the default Full Access privilege or change to Read Only Access
In Manage Groups, when you select a group, you see the list of providers with their privileges.
In Manage Groups, the list of groups displays the privilege level. When there is a mix of privileges, it displays the most restrictive.
It is recommended that you create a read-only group instead of assigning read-only privilege to one or more users within a group. This makes user and group administration simpler.
Provider’s Office Read-Only Access
The following is a list of what a read-only user cannot do in Provider’s Office module as of May 2024. It may not be a complete list as Novari ATC functionality is enhanced over time.
Cannot add a patient.
Cannot edit a patient’s demographic information.
Cannot edit a patient’s case detail.
Cannot complete a patient’s case detail QuickScreens.
Cannot add an attachment to a patient’s case detail.
Cannot generate documents for patients on the wait list.
Cannot Create New, copy, edit or delete a document template.
Cannot Create New, copy, edit or delete a document Header/Footer.
Cannot Clear Selected Without Print, Refresh Selected, Clear or Refresh a New ATC Documents – System Generated.
Cannot Clear Selected Without Print, Refresh Selected, Clear or Refresh a New ATC Documents – Manually Generated.
Cannot edit or recreate a document in the ATC Document History.
Cannot edit a note, submit a note or delete a note in Calendar.
Cannot create a New Surgery Block.
Cannot schedule a patient.
Cannot change a patient’s surgical date.
Cannot edit any Preoperative Requirements.
Cannot set a surgery date or clear any Day of Surgery Cancellations.
Cannot clear or add a repeat/follow up to any Case Completions.
Cannot clear any Repeat Follow up Activations.
Cannot edit the Novari ID, add a case, remove a case, change surgery date, activate to waitlist or edit additional information when reviewing Repeat Follow-Up Cases.
Cannot review and clear any Repeat Follow-up Completed Cases.
Cannot manually schedule a PSS Appointment in Calendar.
Cannot edit a patient, add an attachment, recall, edit account number, edit Preparations & Alerts, edit attachments or eForms, Add a Preop Requirement, Add a PSS Preoperative Activity or edit any existing ones.
Care Venue
The following is a list of what a read-only user cannot do in Care Venue module as of May 2024. It may not be a complete list as Novari ATC functionality is enhanced over time.
Cannot add a case, complete or edit reporting information, change Complete from Y to N and vice versa, Reset or Submit.
Cannot add a note.
Can view the Time Change Summary but cannot clear time changes.
Cannot add an attachment in the Care Venue Change History dialogue.
Cannot add a note to a day in Care Venue calendar.
Can view the Reporting dialogue but cannot change anything nor submit.
Cannot clear cancellations.
Cannot clear, complete reporting or edit an account number.
Pre-Surgical Screening
The following is a list of what a read-only user cannot do in Pre-Surgical Screening module as of May 2024. It may not be a complete list as Novari ATC functionality is enhanced over time.
Cannot add, edit, or delete any Pre-operative Requirements or Pre-Operative Activities.
Cannot clear booking changes.
Cannot change an appointment date or Ignore an Appointment Window Notification.
Cannot schedule an unscheduled appointment.
Cannot add attachments to a patient’s case.
Cannot change the appointment.
Cannot edit the requirement date, cannot change the Results Rec’vd checkbox, and cannot change the Completed status.
Cannot change the Complete status, change the date, or lock the record on the PSS Activity Tracking dialogue.
Cannot add attachments in Patient History.
Cannot add a new block or delete an existing block.
Cannot edit an existing block.
Cannot edit or delete Block Dates and cannot add a comment on a block date.
Cannot reactivate a date.
Patient Registration
The following is a list of what a read-only user cannot do in Patient Registration module as of May 2024. It may not be a complete list as Novari ATC functionality is enhanced over time.
Cannot enter a Novari ID or match a pending one.
Cannot clear notifications.
Cannot clear Patient Update requests.
Can only view the various notifications but cannot clear/change them.
Reports
The following is a list of what a read-only user cannot do in Reports module as of May 2024. It may not be a complete list as Novari ATC functionality is enhanced over time.
Cannot use the Case Selection Builder.
Privacy Levels
The Privacy level determines what patient and provider information users belonging to this group are allowed to see. There are four levels of privacy:
Privacy Toggle (Default Off): Patient identifiers and provider names are displayed. The user can turn on and off privacy. Privacy is off by default.
The user sees the Toggle Privacy entry in the module’s Main menu.
Privacy Toggle (Default On): Patient identifiers and provider names are hidden. The user can turn on and off privacy. Privacy is on by default.
Forced Patient Privacy: Patient identifiers are permanently hidden. The user cannot toggle the privacy as the privacy toggle controls will be disabled.
Forced Patient & Provider Privacy: Similar to ‘Forced Patient Privacy’ but providers’ names are also hidden. The privacy cannot be toggled.
Case Details when Privacy is Toggled On. Patient and provider information is obscured.
Privacy levels are assigned to a user when managing a group. Within a group, a user can have access to different modules (application types) for example Provider’s Office or Reports. For each module, users are assigned one of the four privacy levels. Thus, a user may be able to see patient identifiers in Provider’s Office but not Reports.
To assign a privacy level to users for a module in a group:
Create a new group or modify an existing group
Select the module from the Providers with permissions in list
Add one or more providers to the module by selecting them from the list of providers and selecting Add Selected
Select one of the privacy levels for the providers
How a privacy level is assigned depends on which level you choose:
Privacy Toggle – Default On and Privacy Toggle – Default Off are assigned to all providers in the list.
Forced Patient Privacy level and Forced Patient & Provider Privacy can be overridden for a provider.
In Manage Groups, when you select a group, you see the list of providers with their privacy level.
Steps to Success
You can choose to add users first or add groups first. The benefit of adding groups first is that you can add a user to one or more groups during the Add User process, saving you steps and reducing the chance of forgetting to add a user to a group.
If you plan on using pools, create your pools.
Create provider or pool groups, as appropriate.
Add users, adding them to at least one group.
User Management
Adding a User
Users are individuals with access to Novari ATC. Their permissions are determined by their membership in one or more groups.
ONCE A USER HAS BEEN ADDED, THEY CANNOT ACCESS THE NOVARI ATC APPLICATION WITHOUT FIRST BEING ADDED TO AT LEAST ONE GROUP.
To add a user, do one of the following to open the Security – Manage Users page:
Select Manage Users from the Users menu in the Security module toolbar.
Select Manage Users from the Security – Dashboard.
Then, on the Security – Manage Users page, select Add User.
In Create a New User, enter the mandatory and optional information.
User Code. Mandatory. This is the username the user signs in with. It could be an email address or something less obvious, such as a combination of letters and numbers to provide additional security.
Password. Mandatory. Enter and confirm a password. Passwords must be between 6 and 20 characters and cannot contain spaces.
PIN. If you have implemented two-step authentication, you must enter and confirm a PIN. Choose if the user must change the temporary PIN at next login.
Health Center(s). Mandatory. Select one or more health centers. The selected health centers filter the list of available groups the user can be added to in Manage Groups for User.
User Name. Optional. The last name and first name of the user, separated by a comma and a space, for example, Grey, Felicity.
User Email. Mandatory.
Super Administrator. Default is N. Changing this to Y grants the user access to everything. Notice the health centers are disabled and all groups are displayed when Y is selected because the super administrator has access to them all.
Lock Account. Default is N. Change this to Y to lock a user out. When the locked-out user attempts to sign in to Novari ATC, the user sees the locked-out error message.
Active User. Default is Y. Change this to N to deactivate a user.
User Fills in GI Endoscopy DSP Post Procedurally. This determines whether the user has permissions to fill in GI ENDO DSP reporting after a case has been marked complete in the Care Venue module.
Disable Dynamic Web TWAIN for User. Default is N, which means all users, assuming they have a TWAIN compliant scanner, can scan paper documents and attach them directly to a patient case. Change to Y for any users using Apple computers or who don’t have Dynamic Web TWAIN compliant scanners.
In Manage Groups for User, select the groups the user should belong to. Remember, a user must belong to at least one group to use Novari ATC. If you don’t see any groups listed, select one or more Health Centers.
When you create a new user or reset the password for an existing user, the user is forced to change their password on their next login to Novari ATC.
When a user belongs to more than one group and the groups have different privilege levels, the user gets the most restrictive.
Editing a User
From time to time you, as an administrator, may need to edit a user.
To edit a user:
From the Security Dashboard, select Manage Users.
On the Manage Users page, click the user code of the user you need to edit.
Edit any fields on the Edit a User page.
Click Update.
Search for a User
You can search for a user by one or more characters in the user code or user name fields. The character can be anywhere within the user code or user name.
To search for a user:
Enter one or more characters in the Search box.
Click Search.
The users containing the characters in either the user code or user name are listed.
Click Reset to clear the search.
Emailing Users
You can get all the user email addresses if you need to send an email message to your users.
Click Email List.
All user email addresses appear in the Email List dialog.
Select all the addresses, copy and paste into the BCC field of your email client.
Note: you get all email addresses, not just the ones shown in the Search results.
Locking or Unlocking a User’s Account
Occasionally, you may need to edit a user to lock the user out or unlock a user who has reached the maximum number of login attempts. When this happens the Lock Account setting changes to Y. Change it to N to unlock the account.
The number of login attempts is a Global Application Setting in the Administrator module.
You may also need to lock a user out. Change the Lock Account setting to Y. The user sees the locked-out message whenever the user attempts to sign in.
Changing a Password
You may need to change a user’s password. For example, the user may have forgotten their password, or the password may have been compromised. Enter a new password, confirm the password and click Update. Only enter a password when you need to change it, otherwise leave these two fields blank. If your browser automatically completes the password field, delete the text in the password field.
Deactivate a User
Users are not removed; they are made inactive.
To deactivate a user:
From Manage Users, click a user code to edit the user.
In Edit a User, change Active User to N.
Click Update.
When the deactivated user attempts to log in, the user is presented with the Inactive User message.
The deactivated user’s login attempt is recorded as unsuccessful in the Usage Report in the Reports module.
Add an Existing User to a Group
You can do this in one of two ways:
Edit the user and select one or more groups in the Input column in Manage Groups for User and click Update.
Select Manage Users in Groups from Groups menu or from the Security Dashboard, select an existing group, select one or more users to add to the group, and click Submit.
Remove an Existing User from a Group
You can do this in several ways:
Edit the user and clear one or more group checkboxes in the Input column in Manage Groups for User. Click Update.
Select Manage Users in Groups from Groups menu or from the Security Dashboard, select an existing group, clear one or more users to remove them from the group, and click Submit.
Select User Group Management from Groups menu or from the Security Dashboard. You can see a list by user or by group letting you easily see the groups a user belongs to, and which users belong to a group. Click Remove to remove a user from a group or Remove All to remove all users from a group or all groups from a user.
Group Management
Creating Groups
In Novari ATC, there are two types of user groups:
Provider User Groups define a user’s permission and access level to a provider’s wait list.
Pool User Groups define a user’s permission and access level to a pool.
A provider group can have permissions with one or more providers, and a pool group may have permissions with one or more pools. A single user can belong to many groups.
Create a new Provider Group
Providers must be added to Novari ATC through Metadata Management Tool prior to creating groups. The number of groups you create depends on your user needs.
For example, you may want to create a provider group for three orthopaedic surgeons who work in the same office and at the same health center care venue and share two medical office assistants (MOA). The two MOAs are added as users and would have access to Provider’s Office, User Preferences, and possibly Reports modules and full access to the three surgeons’ wait lists.
A provider group could contain one provider and one user, for example, Felicity Grey, Cardiac Surgeon and Rita, her MOA.
A provider group could include all care venues at a health center, and all providers and all the OR scheduling staff as users who use Care Venue module. Each user group can have a combination of 1-N providers at 1-N care venues for 1-N modules.
To create a new provider group, do one of the following:
Select Create a New Provider Group from the Security dashboard.
Select Create a New Provider Group from the Groups menu in the Security toolbar.
BEFORE A PROVIDER APPEARS ON THE LIST WHEN CREATING A NEW PROVIDER GROUP, PROVIDERS MUST FIRST BE ADDED THROUGH THE ADMINISTRATOR MODULE. CHOOSE METADATA MANAGEMENT TOOL FROM APPLICATION SETTINGS UNDER APPLICATION CONFIGURATION ON THE ADMINISTRATOR DASHBOARD.
This creates a provider group with no members. The members (users) can be added later, and additional group configurations can be completed, such as adding additional care venues and/or additional modules.
Usage scenario: A new general surgeon, Felicity Grey, is setting up an office in town and will be operating at the health center. Rita is Felicity Grey’s medical office assistant. When Felicity Grey is added as a provider, a provider group with her name is automatically created. When Rita, the MOA, is added as a user, she can be added immediately to the Felicity Grey group.
In Create a New Provider Group:
Select the Health Center.
Select one or more Care Venues. You must select at least one.
Enter a name for this group.
Select the Application Type. Use CTRL+click (CMD+click) or SHIFT+click to select multiple application types. User Preferences module (application type) is automatically added to every group.
Set the Privacy Level and Privilege Level. (These are described above.)
Select the Group Membership Scheduling Ability. The default is On. If you change it to Off, the users in this group cannot create scheduling blocks in Provider’s Office Calendar.
Choose to allow Auto add new providers to this group. The default is No. You might want new providers to be automatically added to a group if, for instance, you create OR booking groups, PSS groups or patient registration groups. As new providers are added to a health center, the provider is automatically added to the groups, saving you the extra work of adding the providers to these groups.
Select one or more providers. Adding providers to the group gives the group users access to the provider’s patient data. For example, Provider’s Office users have access to and can manage the provider’s wait list. Care Venue users see the provider’s scheduled patients. Patient Registration users see the provider’s patients who have demographic changes to be cleared.
Select Create Provider Group.
Create a New Pool Group
To create a new pool group, do one of the following:
Select Create a New Pool Group from the Security dashboard.
Select Create a New Pool Group from the Groups menu in the Security toolbar.
BEFORE A POOL APPEARS ON THE LIST WHEN CREATING A NEW POOL GROUP, POOLS MUST FIRST BE ADDED THROUGH THE ADMINISTRATOR MODULE. CHOOSE METADATA MANAGEMENT TOOL FROM APPLICATION SETTINGS UNDER APPLICATION CONFIGURATION ON THE ADMINISTRATOR DASHBOARD.
In Create a New Pool Group:
Select the Health Center.
Select one or more Care Venues. You must select at least one.
Enter a name for this group.
Select the Application Type. Use CTRL+click (CMD+click) or SHIFT+click to select multiple application types. User Preferences module (application type) is automatically added to every group.
Set the Privacy Level and Privilege Level. (These are described above.)
Select one or more pools. Adding pools to the group gives the group users access to the patient data for the providers in the pool. For example, Provider’s Office users have access to and can manage the pool providers’ wait list. Care Venue users see the pool providers’ scheduled patients. Patient Registration users see the pool providers’ patients who have demographic changes to be cleared. However, this is also dependent on the setting for pools and which providers they have access to, that is, access to all providers in the pool or access to only the providers I have access to through my user group(s).
Select Create Pool Group.
Manage Groups
Select Manage Groups from the Groups menu or select Manage Groups in the Security Dashboard.
The Manage Groups page lists all the groups for the selected Health Center. By default, both types of groups are displayed but you can filter to see only provider groups or only pool groups.
For each group, you can see the number of applications (application types such as Reports, Provider’s Office, etc.), the number of providers, the number of pools, the number of users, the access level and if new providers will be automatically added.
Click the group name to see the group’s detail information in the Group Details dialog.
For provider groups, it contains a list of all care venues and all providers and the providers’ application type, privacy level, privilege level and scheduling settings.
For pool groups, it contains a list of all care venues and the pools with application type, privacy level, privilege level and scheduling settings.
Modify a Group
You can add or remove application types, select the providers or pools for each application type, and set the privacy level and privilege level.
YOU CANNOT CHANGE A GROUP TYPE, FOR EXAMPLE, YOU CAN’T CHANGE A POOL GROUP TO A PROVIDER GROUP. YOU MUST CREATE THE NEW GROUP USING THE CORRECT TYPE AND THEN ADD USERS OR POOLS TO IT AS APPROPRIATE.
YOU CANNOT CHANGE THE HEALTH CENTER OF AN EXISTING GROUP.
To modify a group:
In Manage Groups, click Modify beside a group name to modify that group.
You can select or remove care venues, applications, change the auto add new provider setting or the scheduling setting.
To see the providers in this group, select an application from Providers with permissions in. This displays the applications in the group. Select one of the applications.
The Modify Group dialog expands, displaying the providers in this group with permissions in the selected application, and the privacy and privilege levels.
You can add one or more of the listed providers. These providers have permission in the selected module in the selected care venue(s) in other groups and can be added to this group.
All providers in this group have the same privacy level but privilege can be set per provider. This means that any user who is a member of this group can see and manage Felicity Grey’s wait list in Provider’s Office module and can see but cannot manage Bruce Banner’s wait list in Provider’s Office module.
Remove a Group
REMOVING A GROUP REMOVES ALL USERS FROM THE GROUP BUT THE USERS THEMSELVES ARE NOT DELETED FROM THE DATABASE OR FROM OTHER GROUPS.
BE CAREFUL WHEN REMOVING A GROUP. IF A USER BELONGS TO ONLY THIS GROUP AND THE GROUP IS REMOVED, THE USER WILL NO LONGER BE ABLE TO USE NOVARI ATC BECAUSE A USER MUST BELONG TO AT LEAST ONE GROUP.
To remove a group:
Click Remove beside the group name.
Confirm the removal by clicking Remove in the Remove User Group dialog.
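An access-review sketch for two rules stated on this page: a user in several groups gets the most restrictive privilege level, and a user whose only group is removed can no longer use Novari ATC. This is an added example, not Novari ATC code or an export format the product provides; the data model, group names and user codes are constructed, and applying the most-restrictive rule per module and provider is an assumption.

```python
from dataclasses import dataclass, field

# Privilege levels named on the page; a lower rank is more restrictive.
RANK = {"Read-Only Access": 0, "Full Access": 1}


@dataclass
class Group:
    name: str
    members: set                                  # user codes in the group
    grants: dict = field(default_factory=dict)    # (module, provider) -> privilege


def effective_privileges(user, groups):
    """Resolve one user's privilege per (module, provider) across all groups.

    Assumption: the most-restrictive rule is applied per module and provider.
    """
    result = {}
    for g in groups:
        if user not in g.members:
            continue
        for key, level in g.grants.items():
            if level not in RANK:
                raise ValueError(f"unknown privilege {level!r} in group {g.name!r}")
            if key not in result or RANK[level] < RANK[result[key]]:
                result[key] = level
    return result


def privilege_conflicts(user, groups):
    """Pairs where the user's groups disagree, with the level each group grants."""
    seen = {}
    for g in groups:
        if user in g.members:
            for key, level in g.grants.items():
                seen.setdefault(key, {})[g.name] = level
    return {k: v for k, v in seen.items() if len(set(v.values())) > 1}


def stranded_by_removal(group_name, groups):
    """User codes whose only group is group_name (no group left after removal)."""
    target = next((g for g in groups if g.name == group_name), None)
    if target is None:
        raise KeyError(f"no such group: {group_name}")
    elsewhere = set()
    for g in groups:
        if g.name != group_name:
            elsewhere |= g.members
    return sorted(target.members - elsewhere)


# Constructed sample data: group names and user codes are hypothetical.
PO, REPORTS, CV = "Provider's Office", "Reports", "Care Venue"
GREY, BANNER = "Grey, Felicity", "Banner, Bruce"
GROUPS = [
    Group("Grey Office", {"rita"},
          {(PO, GREY): "Full Access", (REPORTS, GREY): "Full Access"}),
    Group("Ortho Read-Only", {"rita", "sam"},
          {(PO, GREY): "Read-Only Access", (PO, BANNER): "Read-Only Access"}),
    Group("OR Booking", {"lee"}, {(CV, GREY): "Full Access"}),
]

if __name__ == "__main__":
    for pair, level in sorted(effective_privileges("rita", GROUPS).items()):
        print(pair, "->", level)
    print("conflicts:", privilege_conflicts("rita", GROUPS))
    for g in GROUPS:
        print(g.name, "removal strands:", stranded_by_removal(g.name, GROUPS))
```

Running the stranded-user check before clicking Remove shows which users need to be added to another group first; the conflict report explains why a user with Full Access in one group still cannot edit.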