The FirstReport Online application provides flexible user permissions and access controls that allow you to configure the application to satisfy your specific needs.
In the context of the FirstReport Online application, user permissions refers to the ability to restrict individual user access to application functions. Access controls refer to the ability to restrict individual user access to organization levels and the data created in and under those levels.
For each user created in the application, the permission type and access level can be independently set. The combination of each user's permission and access level governs the information to which they will have access and what they can do with the data they access.
User permissions and access levels are discussed in detail in the following topics:
- Access Controls
By integrating the user permissions and access control scheme, it is possible to create sophisticated control schemes to suit large organizational structures. On the other hand the system does not require a sophisticated control scheme. The system is designed to handle controls that are very complex or very simple.
When a new company account is created, the process requires that one employer level admin account be created in addition to one location and one department. This is the minimum required configuration which may be perfectly suitable for a small employer with a few employees. For a larger employer with multiple locations, the employer level admin is only required to create the shell of each location (i.e. create each location giving only the minimum required fields of information). They can then create an admin user profile for that location and push the responsibility for completing the location information down to that location level admin. The location level admin would then create the departments, hospitals, physicians, carriers and claim administrators appropriate for that location. The location level admin could also create the employee profiles within the departments within that location or they could create a department level admin for each department and push the responsibility for creating the employee profiles down to the individual department administrators. The department admin could create users for their department who could create and edit incident reports for their department.
The system also allows responsibilities to be pushed sideways. In the previous example, the first employer level admin, created during the new account setup process, could choose to create another employer level admin and push all of the responsibility over to them. This second employer level admin could then create each location and the location admin's and push responsibility down to them. Each location level admin could in turn create a second location level admin and push all (or part) of the responsibility over to them. One location level admin could be responsible for setting up and maintaining the first 4 departments and the other could be responsible for setting up and maintaining the last 5 departments.
Another possible scenario would be to push administrative responsibilities down to the locations and departments and then create an employer level user that would create and edit all incident records for all locations and departments within the company.
Another scenario would be to create two login profiles for the same person. That person could then have administrative responsibility for a single location through one user profile but also have user permission for all other locations through the second user profile.
Finally, one more set of scenarios to consider. Remember that the control scheme described here is running in an internet based application. This now brings the possibility of not only pushing responsibility down and sideways but also pushing it out. A location within an employer could retain admin responsibility for their location but push the user responsibility for creating or updating incident reports to another under-utilized location within the same employer. The other location could be across town, across the state or even across the country. To take this scenario one step further, the location handling the user responsibilities would not have to be part of the same company. The job of creating and updating incident reports could be outsourced entirely.
The previous examples illustrate the basic flexibility of the system. Once you understand the basic concepts, you are free to create a unique solution the works for you.
Access controls restrict the data to which a user has access. Users can be created at any level within the FirstReport Online organization hierarchy. When a user is created at a particular level, that user has access to the incident records and profile data at that level and at all levels below that level.
For example, if a user is created at particular location, they will be able to access profile data created at that location and for any departments created under that location. They will also be able to access incident record information created in any of the departments under that location. They will be able to create OSHA Log and Summary reports for that location which will "rollup" data from all of the departments below. They will also be able to create OSHA Log and Summary reports for any specific department under that location.
In a similar fashion summary reports and data manager functions can also be performed at that location level to "rollup" data from all of the departments below. The summary reports and data manager functions can also be performed for any department under that location. The user will not be able to access any data created at or under another location within the same employer. A user created at the employer level of the same company would be able to perform the same functions for all departments in all locations within the company.
Admin Permission Level
Admin permission level allows a user to utilize all of the application features appropriate for the level at which they log in to the system. This permission level is intended for those users that will be responsible for administering the application within an organization or portion of the organization.
Administration of the application includes:
- Creating new levels within the FirstReport Online Organization Hierarchy
- Managing the organization levels
- Creating new user accounts and establishing the permission level and access control
- Training new users and managing their accounts
- Managing Incident Record Information
- Create and manage profile information accessed through the Form Assistant
- In addition to managing their account, admin users have full capabilities to create and edit incident records and generate OSHA and summary reports.
User Permission Level
User permission level restricts access to those functions which center around the basic incident record information.
User permission level allows you to:
- Create new incident records
- Edit existing incident records
- Create printed incident reports
- Creating OSHA Logs and Summaries
- Create basic summary reports