Security Gates
Definition
Security Gates are access points within different areas of Allscripts Enterprise EHR which can be restricted or allowed based on a user's role within an organization. Security Gates are managed from TWAdmin > Security Admin (VTB) > Security tab (HTB) > Security Gates (drop down).
Note: Items with * below indicate carryover from v10
Security Gates
| Gate | Definition | When Gate is "Locked" |
| Can Prescribe* | Allows a user to prescribe a medication under user's own name | Unable to prescribe medications under user's own name |
| Break Glass* | Allows user(s) to see secured documents by means of the "Break Glass" icon in the patient banner | User(s) cannot break glass to view secured documents |
| Confidential Patients* | Used when the Practice Management System defines a patient as confidential | Patient chart cannot be accessed, tasks cannot be sent regarding this patient to user's without this code, and name is hidden on daily schedule |
| Chart-View* | Allows viewing access to patient charts | Cannot view patient charts |
| Chart-Edit* | Allows access to edit patient charts | Unauthorized users can view, but cannot edit patient charts |
| Chart-Print* | Allows access to print patient charts | Unauthorized users can view and edit patient charts, but cannot print patient charts |
| Chart-PrintChart-Set System Templates* | Allows access to set system template(s) when printing charts | Cannot set system template(s) when printing charts |
| Results-Verify | Allows access to verify results | Cannot verify results |
| Results-Edit | Allows access to edit results; this code is needed to add vitals or to manually enter in-office or point-of-care results such as a Rapid Strep or Urinalysis | Cannot enter or edit results or edit vitals |
| Results-Invalidate | Controls the ability to invalidate results | Cannot invalidate results |
| Document-Invalidate | Controls the ability to invalidate documents | Cannot invalidate documents |
| Document-Reconcile | Allows correction of unstructured documents (typically these are transcriptions received via ConnectR | Cannot correct unstructured documents |
| Document-Management | Allows for management of documents in the Document Management workspace | Cannot access Document Management workspace or perform the functions unique to this workspace |
| Chart-PrintChart | Allows for printing of more than one document from a patient chart via the "Print Chart" button | Print Chart button is disabled and user can only fax one document at a time |
| Restricted Patient Access Security Code | Grants unrestricted access to patients assigned to this Patient Security Access Group | Access to chart is restricted by a prompt asking for password entry and notification of chart actions undergoing a detailed audit |
| Employee & Family Patient Security Code | Grants unrestricted access to patients assigned to this Patient Security Access Group | Access to chart is restricted by a prompt asking for password entry and notification of chart actions undergoing a detailed audit |
| VIP Patient Access Security Code | Grants unrestricted access to patients assigned to this Patient Security Access Group | Access to chart is restricted by a prompt asking for password entry and notification of chart actions undergoing a detailed audit |
| Results-EditInterface | Provides access to edit results that are automatically filed via the interface | Cannot edit results that are filed via the interface |
| Physician Administration Tool Admin | Allows users defined with the Physician Admin Tools as part of their workspace to create/edit items in the PAT menu | Cannot create or edit items in PAT |
| Physician Administration Tool Group Lead | Allows users defined with the [[PAT|Physician Admin Tools] as part of their workspace to create/edit items as Group Leader for other users in their group in the PAT menu (example: Radiologists) | Cannot create or edit items for other users |
| EReply | Allows user(s) to send messages to patients via the Patient Portal | Cannot send messages to patient through the portal |
| Clinical Desktop View-Edit | Grants a user to edit their own Clinical Desktop views. | Cannot edit their own Clinical Desktop views, however a user can still switch between their pre-defined views |
| ChartViewer View-Edit | Grants a user to edit their own ChartViewer views. | Cannot edit their own ChartViewer views, however a user can still switch between their pre-defined views |
| Can Renew | Allows renewing of medication while still restricting modifying existing meds or adding new meds | Cannot renew medications |
- Chart-Alert-View - allow/disallow viewing of Chart Alerts on the Clinical Toolbar.
- Chart-Alert-Edit - allow/disallow creating or editing of Chart Alerts on the Clinical Toolbar.
- Non-Med Order Protocol - skips creating a task to "Authorize Order" when a user with out the proper ordering authority requests a non-medication order. Allows user to select "By Protocol" when ordering to accomplish. When assigned to a non-provider, this configuration gives an organization/practice the ability to circumvent the Prospective Authorization task and indicates that Verbal authorization was granted or the established protocol was followed.
- Med Order Protocol - skips creating a task for the prescribing Physician for users who are authorized and are prescribing a level II medication. Allows user to select "By Protocol" when ordering to accomplish. When assigned to a non-provider, this configuration gives an organization/practice the ability to circumvent the Prospective Authorization task and indicates that Verbal authorization was granted or the established protocol was followed.
- WorkListAdmin - controls the ability to administer the worklist views of other users. This would be given to the same types of people that would get the ability to create task lists (think of it like enterprise task views). Typically this would not include Help Desk users, but certainly administrators and occasionally site admins.
- Worklist View - Edit - same as Clinical Desktop View-Edit except for Worklist View.
- Note View - Edit - same as Clinical Desktop View-Edit except for Note View .
- TWUser-Provider-Edit - Allows the user to adjust only usertypes of provider details within TWAdmin.
- TWuser-User Edit - Allows the user to adjust only usertypes of user details within TWAdmin.
- Patient Report Exempt-Edit - Restricts or permits users to edit the Patient Report Exempt.
- Can Reprint/Resend Rx - Allows the user to reprint or resend a prescription, but does not grant them the ability to write a new prescription.
- Patient Profile Edit - locks down the whole Pat info screen, which will prevent users from adding chart alerts or changing the patient's PCP - see also Lock PCP.
- Order-Edit - Allows the user to edit an existing order (i.e. a physician places an order and then someone without the proper “ordering authority” needs to update the order with needed information).
- Recommendation View - Restricts or permits users from viewing recommendations.
- Recommendation Edit - Restricts or permits users from editing recommendations.
- CQS Access - Restricts or permits a user from accessing CQS.
- Chart Download - Restricts or permits using the Chart Download option in Chartviewer.
The following cannot be turned off in Security Gates
- Print Queue-View Rx - allows for viewing of Rx jobs in Touchworks
- Print Queue-View Chart Item - allows for viewing of Chart Item jobs in Touchworks
- Print Queue-View Coversheet - allows for viewing of Coversheet jobs in Touchworks
- Print Queue-Reroute Chart Item - allows for viewing of Reroute Chart Item jobs in Touchworks
Back to Security