System Security and Visibility Settings - hmismn.org€¦ · All referenced documents are available...
Transcript of System Security and Visibility Settings - hmismn.org€¦ · All referenced documents are available...
WilderResearch
Minnesota’s Homeless Management Information System (HMIS)
System Security and Visibility SettingsSystem Administration 195
SYSTEM SECURITY
Security Features of Database
In compliance with all Federal and State laws and codes
(including HIPAA)
Internet communications are SSL encrypted
Database is encrypted; servers are stored in a vault
“Closed” system (moving towards a system with more
sharing)
Not linked with other databases
Each end user has a unique username and password; audit
trail follows users’ actions in the system
General Tree Structure
Level 1 - Wilder Research
Level 2 - CoC Coordinator
Funders and LSAs
Level 3 - Agency
Level 4 - Agency Project
Level 5 - Project Breakout
Tree Structure
Access to Data
Administrative Access CoC Coordinators
Local System Administrators (LSAs)
Funders
Visibility Groups Agency Visibility
Complex Agencies
Funders
Data Sharing (Provider-to-Provider)
Agency to Agency
Agency Agreement
– Allows for client data to be entered into HMIS
Local HMIS Data Use and Administration Agreement
– Indicates whether or not an Agency’s project information can be
visible to the Local System Administrator/CoC Coordinator.
Data Privacy Notice and Consent– Indicates whether the client is in the system as a named client or
anonymously
Release of Information (ROI)– Indicates whether client data can be shared with another agency
Documents Which Influence Security and Visibility
All referenced documents are available for download at hmismn.org
Signed form: Enter full name and social security number
(SSN) (identifying information) into database
Unsigned form: Do not enter name nor social security
number; enter client anonymously in database
Each adult must receive their own form; adults sign for
their minor children
Unaccompanied youth may sign on their own behalf
Households can have both identifiable and anonymous
members
Client can go from anonymous to identifiable once the
consent form is signed
Data Privacy Notice and Consent
All referenced documents are available for download at hmismn.org
All agencies can share de-identified (aggregate level)
demographic information from reports
State funders and Grantees can view information entered into
HMIS for projects they fund
Non-HMIS users can access paper forms
As we move to a more open system, data sharing pilots are
testing data sharing practices for later implementation
HIPAA covered agencies can share data under specific
circumstances
Domestic Violence programs funded by HUD or VAWA cannot
use HMIS
Data Sharing and Privacy FAQs
All referenced documents are available for download at hmismn.org
Currently only for agencies that share HMIS
client records with other agencies
ROI’s are recorded as a visual indicator that
your client has agreed to share data with
another agency.
Update ROIs when they expire
Contact Wilder to review your security or if you
would like to talk about sharing data
ROI Tab
Know your padlocks:
– Red padlock = client data can only be seen by users
with access at that provider level
– Red padlock w/exclamation point = Client data is
shared with another provider. Could indicate sharing
within your own agency (common) or sharing with
another agency (less common).
– Visibility groups have been applied
– Green padlock = client data can be seen by anyone in
Minnesota with a ServicePoint license (call Wilder
immediately)
Security: Data Privacy
VISIBILITY SETTINGS
• The user can always see their provider's data.
• An Agency Administrator or Case Manager III
can always see subordinate provider's data.
• System Administrators II can see every
provider's data, even if that data is closed.
System Visibility - General Rules: User Roles
System Visibility - General Rules
These rules apply whether or not there is data
sharing set up.• The user can always see data the parent provider has entered.
• By DEFAULT, all data is stored within the Provider where the
data was created.
• Data is ONLY shared with additional Providers IF specifically
configured under the “Visibility” section of a Provider’s Profile
Visibility is controlled in several ways
– Security padlocks
– Visibility Settings on the Provider Page
– Visibility Groups
Visibility Control
Padlocks are located in several sections of the Client
Record. They display visibility/sharing for each section.
Click padlocks to view visibility settings.
Some examples are:
– Client Record – controls Name and SSN
– Client Demographics
– Entry/Exit
– Needs – controls visibility of services and referrals
– Measurements – controls visibility of Matrix
– Assessments
– Each assessment question has its own padlock
Padlock Controls - Visibility
• Provider “Visibility” and “Enter Data As” can be used
to apply visibility rules
– The “provider creating” determines the visibility
rules for that data.
– In MN’s HMIS, users are given EDA access to all
providers in their agency (typically).
Using EDA, users can select the provider
where data is created.
– The visibility rules for that provider are then applied
to the data created.
System Visibility – Special Rules
Navigate to the Provider Page:
– Click on Admin
– Click on Provider Admin
– Choose the Provider
• Search by name or number
System Admin Navigation – Visibility Settings
Use triangles: to expand, to
minimize
Visibility Tab
The “Visibility” tab determines what client data, if any, will
be sharable by the provider beyond the rules basic rules of
visibility.
Visibility for data is set based on the default Visibility of
Provider Creating the data. That Provider's default Visibility
will be applied to the data that's created.
Default visibility is comprised of two tabs - Static and
Dynamic.
Visibility Tab – Static Elements
Static Elements are elements that once created rarely, if ever,
change.
Sample Static Elements where visibility is configured: (bolded
ones are most common)• Case Manager
• Case Note
• Client
• Client Demographics
• Client Note
• Entry/Exit
• Measurement Tools Data
• Need
Visibility Tab – Static Elements
Here you can apply Visibility or Deny Groups. Deny Groups always override Visibility
Groups. To add a Visibility or Deny group, click “Add Groups” and search. Click the
plus to add.
Visibility Tab – Dynamic Elements
• Dynamic Elements are elements that may change over time.
• There is a dynamic element for each assessment.
• Visibility is applied the same way it is for Static Elements.
Visibility Tab – Add visibility to multiple objects
You can add Visibility or Deny
groups to multiple objects
(elements) at one time
Visibility groups are used to create a group of
providers whose data can be shared with another
provider.
– Each agency has a visibility group to share data
between providers w/in its on agency
– Each CoC has a visibility group that is applied to data
the CoC Coordinator/LSA should see.
• Data is not shared between providers in the CoC, it is shared to
the CoC Coordinator/Local System Administrator.
– Each Funding group has a visibility group so that
funders can see data for providers funded by that
source
Visibility Groups
Providers can share data to a Visibility Group rather than
listing each provider that can view data by selecting the
group rather than individual providers
Once a Visibility Group is created and applied to one or more
providers, new providers can be added to the group and will
be able to see data that is being shared with the previous
members of the group.
The “Global” Visibility Group is automatically created and
contains all ServicePoint providers within an implementation.
It auto-updates to include new Providers as they are created.
– Global visibility is not used in MN HMIS at this time.
Visibility Groups
Reporting groups are created for use when
running reports for a selected group of providers
ServicePoint Reports and ART reports can be
used with reporting groups
– Not all ART reports are set up to use reporting
groups.
Reporting Groups
Creating a Reporting Group
To Create a Reporting Group:
Click the Provider Groups button on the Admin
Dashboard
Click the Reporting Groups sub-tab
Click “Create New Group”
Creating a Reporting Group
• Name the group
• Provide a description of its uses
• Click “My Provider” for Provider Access
• This allows only users at your provider to
access this group
• Save• NOTE: The Sharing Group Type and the Access Level
Provider cannot be altered after the sharing group is saved
Creating a Reporting Group – Adding Providers
• Click Manage
Providers
• Search for a
provider you
want to add
(user Provider
ID#)
• Click the “Plus”
to add to your
group
• Click Exit when
complete
Navigate to the reporting dashboard
Using Reporting Groups – ServicePoint Reports
Common
useful reports
are circled in
green
Using Reporting Groups – ServicePoint Reports
Choose Reporting Group
Search for and select your
reporting group. Click the
plus to select.
Navigate to ART
Select the report folder and report to run
Click the next to the report to run
Select “View Report” or “Schedule Report”
Using Reporting Groups – ART Reports
Use the report prompt to select the Provider
(Reporting) Group
Using Reporting Groups
Type in your group name
and click the binoculars
Double-click to select the
group you want
Complete the remaining
prompts and click “Run
Query”Note: Not all reports are built to use
reporting groups.
State System Administrator
– Retains all user agreements
– Understands all aspects of visibility and security.
– Configures all visibility settings and applies visibility to providers
– Creates and manages State reporting groups
– Main contact for troubleshooting issues related to visibility
LSA/CoC Coordinators/Funders
– Understands how security and visibility impacts data entry and
reporting for providers and reporting groups
– Reviews visibility settings
– Creates and manages local, CoC, and Funder specific reporting
groups
• EA users should not edit Wilder created reporting groups
System Administration Roles
For Help
Consult online help (www.hmismn.org)
Call or email the Helpdesk (Available: 8:30-4:30 M-F)
– (651) 280-2780
– 1(855) 280-2780 and ask for HMIS Helpdesk
– Email: [email protected]
• Please use client ID number and initials instead of name in
email correspondence
Please complete the required quiz. Link
available at:
www.hmismn.org/expandedaccess/index.php
THANK YOU FOR WATCHING!