Purpose
This article explains how user roles and permissions work in Medicus, and how to add or remove user roles for an existing staff member.
In Medicus, permissions are granted by assigning each staff member one or more user roles. Each user role provides access to a defined set of permissions, which control what actions a user can perform and what data they can view.
A staff member can hold more than one user role at the same time — for example, a Doctor who also needs access to audit logs would be assigned both the Doctor and Clinical Management roles.
Permissions
| Name | Description |
| Staff Basic Actions | Grants access to things that any user could do such as change their password. |
| View Patient Administrative Details | Allows the user to perform actions such as find a patient, view demographic and contact information. |
| Update Patient Administrative Details | Allows the user to update demographic and contact information. |
| View Patient Care Records | Allows the user to view the care record of a patient. Please note: for clinical safety reasons, Medicus does not implement permissions that grant or deny access to individual sections of a patient’s care record. |
| Update Patient Care Records | Allows the user to update the care record of a patient. |
| Manage Users | Allows the users to add new staff members to Medicus and update their user roles. |
| View Staff Administrative Details | Allows the user to view administrative details such as staff demographic and contact information on the staff profile. |
| Update Staff Administrative Details | Allows the user to update administrative details such as staff demographic and contact information on the staff profile. |
| Configure Medicus | Allows the user to manage the setup and configuration of Medicus. |
| Information Governance Audit | Allows the user to view audit logs and other information governance features. |
| Manage Content | Allows the user to create and maintain content such as consultation templates. |
User roles
| Role | Permission |
|---|---|
| Clinical Management | All permissions |
| Operational Management | All except: Remove Care Record Data |
| Doctor, Nurse, Pharmacist, Healthcare Practitioner | Staff Basic Actions View/Update Patient Admin Details View/Manage Patient Appointments Send Patient Communications View/Update Patient Care Records Manage Stock Inventory |
| Clinical Admin | Same as Doctor + Manage Staff Rota & Appointment Schedules |
| Clerical | Staff Basic Actions View Patient Administrative Details View Patient Appointments Send Patient Communications View Patient Care Records Update Patient Care Records Update Patient Administrative Details Manage Patient Appointments |
| IT Support | Staff Basic Actions Manage Users Manage Stock Inventory Configure Medicus |
| Content Author | Staff Basic Actions Manage Content |
| External Clinical Staff | Staff Basic Actions View Patient Administrative Details View Patient Appointments View Patient Care Records |
Adding a user role to a staff member
To add a user role, go to Modules > Staff & User Management and select the staff member from the list to open their profile.
Select Add user roles from the User Roles section.
Select the user role you would like to assign from the list and select Save. The role will appear immediately on the staff member's user role list, and they will receive an email confirming that a new user role has been added to their account.
Removing a user role from a staff member
To remove a user role, open the staff member's profile and select Login & Security from the side navigation bar. Select the user role you would like to remove. In the pop-up that appears, select End role, then confirm by selecting Yes, revoke user role.
The user role and its associated permissions will be removed. The role will still appear in the user role list with an end date recorded.
Revoking all access at once
The Revoke access button on a staff member's profile removes all user role permissions in a single action. This should only be used when a staff member is being archived.