Because of staff changes or turnover, it is recommended to review User Access to the HRA portal at least annually, if not more frequently. Accounts can be deleted or disabled with the click of a button, making it easy to protect user health information. Administrators have the ability to make these changes or you can let Medicom know and we can edit on your behalf.
Did you know that there are two ways to review users and their access in the portal?
The first option is to select the white gear icon Users. Here you will find a list of individuals who have access. If the account has been disabled, that will be noted.
By clicking on a name, you can assess what level of access users have, which can include it be customizing the HRAs, viewing reports, or even raw data. In addition, you can restrict access to specific HRAs or locations. And do not forget to review Vendor logins!
Secondly, we have Audit Logs, which can be filtered by event and date range. This page keeps track of all user’s history and activities in the portal for your record. Deleting a user will not remove their history from this log but is a nice way to see who is doing what inside the HRA portal.
And if this wasn’t enough, you can even set-up two extra security measures. One is a password rotation and history requirements for all your users within the portal – meaning a user will have to change their password frequently depending on the number of days you decide. The other is to set an inactivity period to automatically disable users. If you have questions or need help adjusting access levels, let us know.