Security Tutorial - Users & Groups, Permissions and Security Groups Manager
Security Tutorial - Users & Groups, Permissions and Security Groups Manager
The security section of the left menu in CAC CareNet allows you to manage which users are assigned to which security groups, what permissions are assigned to which security groups, and in choosing which security groups exist for your agency. in other words, this is where you tell the system who should be allowed to do what within CAC CareNet.
For this to make more sense, we will tackle these in reverse order from how they are displayed in the system.
Security Groups Manager
Determining which security groups you have visible in CAC CareNet is the first step in this process as you need to be able to identify which group employees will belong to. The group an employee belongs to will determine their permissions in the system. Choosing which groups your agency will use will depend heavily on your staffing structure and their roles within your agency. As an example, let's look at a staffing structure we see with many of our agencies:
- Executive Director
- Operations Manager
- Program Director(s)/Managers
- Forensic Interviewers
- Medical
- Therapy
- Advocates
- Volunteers
Agencies with this staffing structure often choose the following security groups and permissions profiles:
- Executive Director
- Administrator
- Forensic Interviewer
- Medical
- Mental Health
- Volunteers
To make these or other groups you want to use available, first click on "Security" on the left menu, then click "Security Groups Manager"
Once in the "Security Groups Manager" window, you'll see a list with "Group Name" in the left column, and "Visible" on the right. Any groups that are currently visible will have a check mark in the visible column.
If you see a group that you want for your agency in this list, but the visible column is not checked, simply click on "Edit List" at the bottom of the page and then check the box in the right - VISIBLE -column corresponding to the option you want. Then click "Save Changes."
NOTE: You cannot remove the visibility of security group that users are assigned to. You will have to create the group you want, reassign users to the new group, then you can remove visibility for the old one. To reassign users to a group, check out the "Users & Groups" section below.
If you do not see the option you want listed, click "+Add Group Type" and enter a name for the group in the "Group Name" text box that appears. Be sure to click on "Add Security Group" to save your addition.
This item will be added to the list and marked "Visible" by default.
Now that we have our security groups set, let's figure out which permissions should be assigned to each group.
Permissions
So in the security groups section we determined which groups we wanted. Now we choose each group and tell the system which permissions should be allowed to all users assigned to that security group. With the granular permissions available within CAC CareNet, you'll love how specific you can be in allowing users access to information.
Based on the structure we used above, this is typically how we see the permissions being structured.
Executive Director: ALL permissions, including the ability to delete a client.Administrator: All permissions, except for the ability to delete a client. These people are usually the ones that are setting up and acting as your internal CAC CareNet administrators so they'll need access to all areas to be able to support your other employees using the system. These may be your Operations Manager & Program Managers.Forensic Interviewers: You will define the permissions specific to their needs in terms of entering information based on the services they provide, and limit their access to just the information they'll need to effectively perform their job responsibilities.Medical: You will define their permissions based on how they interact with information in CAC CareNet. This may mean that they are able to view client profile information, the forensic interview details, and case/allegations, but not be able to run reports or edit non-medical information.Mental Health: Similar to medical, you may limit their permissions to information relevant to their role with your agency and therapy related services, but limit their ability to edit non-therapy related information or make changes.Volunteers: This group typically has the fewest permissions and may only be limited to viewing the client's profile and adding encounters through the advocacy tab based on their interactions with clients.
To assign permissions to a group, click on "Security" then "Permissions" on the left menu
Now, choose the security group you wish to assign permissions to by clicking the "Select User Group" drop down list at the top of the page.
You'll see that for Executive Director, all permissions are checked which means ANY user assigned to the security group "Executive Director" has ALL permissions.
To remove permissions, simply uncheck the box corresponding to the permission you wish to remove. Be sure to hit "Save" at the bottom of the list when you have finished assigning permissions to each security group.
Repeat this process for each security group you have created for your agency.
We recommend only allowing one security group, typically the agency director the ability to delete clients to prevent this from happening accidentally.
Once you have assigned permissions to each security group, you are ready to assign users to their security group!
Users & Groups
Now that you've created your security groups and assigned permissions to each group, it's time to assign your system users to the correct security group.
If you need to add system users, click "HERE" to view the step-by-step tutorial (This will open in a separate tab)
On the left menu, click "Security" then "Users & Groups"
Click the drop down menu "User Group" and choose the security group you wish to assign users to. In the image below, you'll see "Executive Director" is selected.
Once you've selected the group, check the box next to the user or employee's name you wish to assign to that group. Typically there's only one Executive Director, so I would find that person in the list, check the box next to their name and click on "Save"
You should now see the individual(s) you have assigned to selected security group:
Repeat this step for each security group you have elected to use for your agency. You will likely find that some security groups such as volunteers have more than one person assigned to them.
For agencies that have a structure with different levels of administrators, you may choose to set up your security groups as Admin 1, Admin 2, and Admin 3. In this case, when you assign permissions, one security group may build off the others. For example, Admin 1 may only have one layer of permissions, but you may want Admin 2 to have ALL of Admin 1's permissions AND a second layer. Admin 3's may would have both Admin 1 AND Admin 2's permissions AND a third layer. In this type of scenario, you would then assign the employees/users that are Admin 2's to BOTH the Admin 1 security group, AND the Admin 2 security group. Admin 3's would be assigned to Admin 1, Admin 2 AND Admin 3. This means that one user can belong to multiple security groups.
Related Articles
How to Check a Personnel's Security Group - Step by Step
To easily check a personnel's security group follow the steps below: Step 1. Expand the personnel tab and press the search option. Step 2. Once on the personnel search page find the personnel you would like to check by completing a search (A). After ...Assigning a Security Role to a New User
After adding a new user to the system, the very last step is assign the user to their security role. You can do so by following these steps. You must be in the Administrator's Group to Perform these steps: 1) Click Security: Users and Groups 2) ...Applying Permissions to a Personnel Profile - Step by Step
After creating a personnel profile the next crucial step when adding a new staff member to your system is applying a permission set to their profile. Applying an already created permission set takes a few steps, please follow along below: Step 1. ...Setting up Password Permissions - Step by Step
Within CAC CareNet users can have the ability to update and change their password whenever they need to. With the correct set of permissions this is a possibility. Please follow along below to learn more about updating a user group with this option: ...Modifying Calendar Groups - Step by Step
Within CAC CareNet's calendar you have the ability to setup multiple calendars to better organize events within your organization. Those separate calendars can also be attached to specific personnel with unique permissions. To learn more about ...
Announcements
Browser Compatibility (Support for IE 11 Discontinued)
CAC CareNet provides support for many of the latest browsers. We strongly recommend that agencies use one of the following: Google Chrome FireFox Safari Microsoft Edge Microsoft Chromium Edge *New Development and Support for Internet Explorer 11 has been discontinued. Please update to one of the for-mentioned browsers.