Security Gates
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Definition
Security Gates are access points within different areas of Allscripts Enterprise EHR which can be restricted or allowed based on a user's role within an organization. Security Gates are managed from TWAdmin > Security Admin (VTB) > Security tab (HTB) > Security Gates (drop down).
Note: Items below with * below indicate carryover from v10 and items with ** indicate that they cannot be turned off in Security Gates.
Security Gates
Gate | Definition | When Gate is "Locked" |
Can Prescribe* | Allows a user to prescribe a medication under user's own name | Unable to prescribe medications under user's own name |
Break Glass* | Allows user(s) to see secured documents by means of the "Break Glass" icon in the patient banner | User(s) cannot break glass to view secured documents |
Confidential Patients* | Used when the Practice Management System defines a patient as confidential | Patient chart cannot be accessed, tasks cannot be sent regarding this patient to user's without this code, and name is hidden on daily schedule |
Chart-View* | Allows viewing access to patient charts | Cannot view patient charts |
Chart-Edit* | Allows access to edit patient charts | Unauthorized users can view, but cannot edit patient charts |
Chart-Print* | Allows access to print patient charts | Unauthorized users can view and edit patient charts, but cannot print patient charts |
Chart-PrintChart-Set System Templates* | Allows access to set system template(s) when printing charts | Cannot set system template(s) when printing charts |
Results-Verify | Allows access to verify results | Cannot verify results |
Results-Edit | Allows access to edit results; this code is needed to add vitals or to manually enter in-office or point-of-care results such as a Rapid Strep or Urinalysis | Cannot enter or edit results or edit vitals |
Results-Invalidate | Controls the ability to invalidate results | Cannot invalidate results |
Document-Invalidate | Controls the ability to invalidate documents | Cannot invalidate documents |
Document-Invalidate-Without-Finalization -Authority | Allows the user to invalidate the note irrespective of Finalization Authority level of the user as compared to the Finalization Authority of the Note. | Cannot invalidate the note. |
Document-Reconcile | Allows correction of unstructured documents (typically these are transcriptions received via ConnectR | Cannot correct unstructured documents |
Document-Management | Allows for management of documents in the Document Management workspace | Cannot access Document Management workspace or perform the functions unique to this workspace |
Chart-PrintChart | Allows for printing of more than one document from a patient chart via the "Print Chart" button | Print Chart button is disabled and user can only fax one document at a time |
Restricted Patient Access Security Code | Grants unrestricted access to patients assigned to this Patient Security Access Group | Access to chart is restricted by a prompt asking for password entry and notification of chart actions undergoing a detailed audit |
Employee & Family Patient Security Code | Grants unrestricted access to patients assigned to this Patient Security Access Group | Access to chart is restricted by a prompt asking for password entry and notification of chart actions undergoing a detailed audit |
VIP Patient Access Security Code | Grants unrestricted access to patients assigned to this Patient Security Access Group | Access to chart is restricted by a prompt asking for password entry and notification of chart actions undergoing a detailed audit |
Results-EditInterface | Provides access to edit results that are automatically filed via the interface | Cannot edit results that are filed via the interface |
Physician Administration Tool Admin | Allows users defined with the Physician Admin Tools as part of their workspace to create/edit items in the PAT menu | Cannot create or edit items in PAT |
Physician Administration Tool Group Lead | Allows users defined with the [[PAT|Physician Admin Tools] as part of their workspace to create/edit items as Group Leader for other users in their group in the PAT menu (example: Radiologists) | Cannot create or edit items for other users |
EReply | Allows user(s) to send messages to patients via the Patient Portal | Cannot send messages to patient through the portal |
Clinical Desktop View-Edit | Grants a user to edit their own Clinical Desktop views. | Cannot edit their own Clinical Desktop views, however a user can still switch between their pre-defined views |
ChartViewer View-Edit | Grants a user to edit their own ChartViewer views. | Cannot edit their own ChartViewer views, however a user can still switch between their pre-defined views |
Can Renew | Allows renewing of medication while still restricting modifying existing meds or adding new meds | Cannot renew medications |
Print Queue-View Rx** | Allows for viewing of Rx jobs in the Print Queue | Cannot view Rx jobs in the Print Queue |
Print Queue-View Chart Item** | Allows for viewing of chart item jobs in the Print Queue | Cannot view chart item jobs in the Print Queue |
Print Queue-View Coversheet** | Allows for viewing of coversheets for jobs in the Print Queue | Cannot view coversheets for jobs in the Print Queue |
Print Queue-Reroute Chart Item** | Allows ability to reroute chart item jobs in the Print Queue | Cannot reroute chart item jobs in the Print Queue |
Chart-Alert-View | Grants access to view Chart Alerts on the Clinical toolbar | Cannot view Chart Alerts |
Chart-Alert-Edit | Grants access to create or edit Chart Alerts on the Clinical toolbar | Cannot create or edit Chart Alerts |
Non-Med Order Protocol | Allows user to select "By Protocol" option, giving organizations the ability to circumvent the Authorize Order task that is created when the user's preference for orders is set to Prospective authorization. This indicates that a verbal authorization was granted or the established protocol was followed | "By Protocol" option is not present upon ordering, forcing typical workflow for Prospective authorization for applicable users upon ordering non-medication orders |
Med Order Protocol | Allows user to select "By Protocol" option, giving organizations the ability to circumvent the Authorize Order task that is created when the user's preference for medication orders is set to Prospective authorization. This indicates that a verbal authorization was granted or the established protocol was followed | "By Protocol" option is not present upon ordering, forcing typical workflow for Prospective authorization for applicable users upon ordering medication orders |
WorkListAdmin | Controls the ability to administer worklist views of other users. This is typically given to the same role of users who also have the ability to create tasks views (think of it like enterprise task views, only for worklists). Typically this would not include Help Desk users, but certainly administrators and occasionally site admins | Cannot administer worklist views of other users |
Worklist View - Edit | Grants a user to edit their own Worklist views. | Cannot edit their own Worklist views, however a user can still switch between their pre-defined views |
Note View - Edit | Permits editing of Note views. | Cannot edit Note views |
TWUser-Provider-Edit | Allows modification of settings under provider detail menus within TWAdmin | Cannot edit settings under provider detail menus in TWAdmin |
TWuser-User Edit | Allows modification of settings under user details menu within TWAdmin | Cannot edit settings under user details menu in TWAdmin |
Patient Report Exempt-Edit | Permits modification of the Patient Report Exempt | Cannot edit the Patient Report Exempt |
Can Reprint/Resend Rx | Allows a user to reprint or resend a prescription, but does not grant the ability to write a new prescription | Cannot reprint/resend prescriptions |
Patient Profile Edit | Allows editing of info in the Patient Profile window | Cannot edit any information in the Patient Profile. This effectively prevents users from adding chart alerts or changing the PCP - see also Lock PCP |
Order-Edit | Allows editing of an existing order (i.e. a physician places an order and then someone without the proper "ordering authority" needs to update the order with the necessary information) | Cannot edit an existing order |
Recommendation View | Allows viewing of recommendations | Cannot view recommendations |
Recommendation Edit | Allows editing of recommendations | Cannot edit recommendations |
CQS Access | Allows access to CQS | Restricts access to CQS |
Chart Download | Allows "Chart Download" option in ChartViewer | Cannot use "Chart Download" option in ChartViewer |
CanCSInvalid | Allows the user to invalidate RTF clinical Summaries and visit summary CED’s. The user must also have the Chart-Edit security code. | Cannot invalidate RTF clinical Summaries and visit summary CED’s. |
Imm Reg Patient Matching | Permits users to view and take patient matching action on ImmunizationRegistryRespondedEvent messages with Needs Matching status from the Match Patient tab on Message Queue. | User not allowed to take patient matching action. |
Interface Error Queue Edit | Permits users to edit information on the Error Queue page, as well as pages accessed from that page, including the Message Details page, the Bridge Details page, and the Change MRN Details page. | User restricted from editing information on the Error Queue page. |
Interface Error Queue View | Permits users to view (but not edit) information on the Error Queue page as well as pages accessed from that page. | User restricted from viewing information on the Error Queue page. |
Order Billable ICD-10 | Allows users to run this report. | Restricts users from running this report. |
Override Absolute Contraindication | Enables users to override an Absolute Contraindication DUR Alert | Cannot override an Absolute Contraindication DUR Alert |
Override Do Not Release Order | Enables the provider to modify the Do Not Release check box for orders where the orderable item in the Orderable Item dictionary has the Do Not Release Flag set either to Always Release - User Can Override or Do Not Release - User can Override. | Cannot override the Do Not Release order |
Preceptor Note - Edit | Allows users to add the Preceptor Note section to a note and to edit contents of that section. | Restricts users from adding Preceptor Note section. |
CDS Exclude One Prov | Allows users to exclude patients for Point of Care (POC) recommendations for the provider who owns the recommendation. | Restricts users from excluding patients. |
CDS Suppress | Allows users suppress POC recommendations. | Restricts users from suppressing recommendations. |
PMT Access | NOTE: This security gate is only available on Allscripts Touchworks EHR systems with a successfully completed PMT server side installation. New Allscripts Touchworks EHR 11.4 clients will not see this gate since problem mapping is not required. | Restricts or permits user access |
PMT Administration | NOTE: This security gate is only available on Allscripts Touchworks EHR systems with a successfully completed PMT server side installation. New Allscripts Touchworks EHR 11.4 clients will not see this gate since problem mapping is not required. | Restricts or permits user admin access |
Security Codes
Back to Security