Security Groups and Permissions

A security group is a specific set of One IYSS permissions related to a particular job role, service or user type. Users can belong to several security groups, and hold the permissions contained by each one. This means you can create a basic security group applicable to all or certain groups of users, and then create smaller, more specific security groups to which you can add users as necessary.

Customers are responsible for the protection of personal client data, and shall regularly maintain user security and permissions, to ensure access to client data is restricted and only granted to authorised personnel.

Data Partner Permissions (DPPs) are used alongside security groups and the information entered into client records to restrict user access to records.

Example:

  • You might have a standard security group that enables all users to access the information in client records. If you only want certain users to be able to change this information, you can create a security group with only change permissions (you do not need to reassign all the standard permissions to this group).
  • If you want to restrict the ability to delete records to a strict few, you can create a further security group with only delete permissions (you do not need to reassign all the standard and change permissions to this group). Users belonging to all three security groups are able to access, change, and delete client records.

For more information on the different function permissions, see Security Permissions

Create a Security Group

  1. In the One IYSS System Administration Client, select Security | Security Group.
  2. Click the Add Value icon to display the Security Group dialog.

  1. Enter a name or description for the security group in the Short and Long Description fields.
  2. Ensure the Active check box is selected.
  3. Ensure the Default check box is deselected.
  4. Select the appropriate check boxes in the Function Permissions and Report Permissions panels.
  5. Click the OK button to save the changes and close the dialog.

Edit Security Group Permissions

  1. In the Security Group panel, double-click the required group name to display the Security Group dialog.
  2. Select or deselect the appropriate check boxes in the Function Permissions and Report Permissions panes.
  3. Click the OK button to save the changes and close the dialog.

Data Partner Permissions

Client records containing a DPP can only be accessed by users with a corresponding DPP.

  1. In the One IYSS System Administration Client, select Security | Data Partner.
  2. Click the Add Value icon to display the Data Partner dialog.

  1. Enter a name for the DPP in the Short and Long Description fields, e.g. the name of the agency accessing the client records.
  2. Ensure the Active check box is selected.
  3. Ensure the Default check box is deselected.
  4. Click the OK button to save the changes and close the dialog.

For additional information on assigning permissions see IYSS Access Rights