Practice Intel: 

Creating Roles & Users

Roles & Users

The platform gives you the ability to have granular control over who can access which parts of your data.

Roles: Roles provide a robust security feature that empowers you to define distinct levels of access for various groups of users. With roles, you can assign specific permissions, privileges, and restrictions to different user groups based on their responsibilities, job functions, or organizational hierarchy. By customizing roles, you maintain control over the actions and data accessible to each user, ensuring a granular and secure access management system within your application. This feature enhances data protection, minimizes the risk of unauthorized access, and promotes a structured approach to user permissions and privileges.

Users: Entering a user into the system enables you to add individuals and grant them access to the application based on their roles and responsibilities.

Setting Up Roles and Users

In order to set up Roles and Users you must first navigate to the Admin panel. You can find the link to this at the bottom of the left-hand navigation bar. Click “Admin”:

From the next window, click on your organization’s name.

From here you will have access to all the tools in the Organization panel:

Creating a Role

Select “Roles” from the Organization panel:

From here you can see/edit existing roles and create new ones. By default, there are two roles created for you in the platform:

• org_admin

• senior_leadership

Both of the above roles have identical access to all of your organization’s data within the platform. However, only the “org_admin” role has the permission enabled which allows for access to the “Admin” page and the creation of new platform users.

To create a role, click on “Create”:

This will take you to the role creation page:

After naming the role, you can optionally select the role scopes. This feature enables you to choose the customers, clinics, and providers that a role can access, but only if the “Access Other Providers’ Data” permission is enabled. Users without the “Access Other Providers’ Data” permission will only be able to access their own data. 

Your sidekick-only users will not need access to scopes, as they only govern access to data within the Practice Intel platform.  Once you have completed your selections, the Confirmation section will display a comprehensive list for your review.  If you choose to change the access for a specific provider, this can be changed in the future.

Note: As the description mentions, the highest scope will take precedence.  If you want to just select certain providers, leave the Customer and Clinic option at 0 and only select the Provider(s) you want to display.

In the permissions section, you have the flexibility to determine the level of access the user role should have, including the ability to enable or disable advanced features. For instance, when creating a role for administrators, you may choose to grant them access to the Admin screens, while clinic managers may require access to CPT Insights and Coding Efficiency, among other specific functionalities.  Different organizations will have access to different permissions; your list of permissions may not exactly match the image above.  To learn more about specific permissions please see this support document:  Defining Permissions in the Platform

Note: permissions are additive across roles.  If a user is assigned one role with the “Can Access Self-Serve Admin” permission, and another role with the “Can Access CPT Insights Page” role, that user will be granted both permissions.

Editing a Role

Once a role has been created you can return to the Roles page at any time to edit it. Once here, click on the ellipses and click “Edit”:

From here you can then change the role permissions, see which other users are assigned to that role, add more users to the role, and even access user specific details by clicking on the ellipses.

Creating a User

Select “Users” from the Organization panel.

Creating a Single User

This workflow is recommended for creating 5 or fewer users. To create a single user, click on “Create”:

Link the user to one or more available roles, and enter the user’s email address. You can also optionally click the “+ Add Provider” button to link that user to a provider in your EMR data, if Prediction Health has ingested your EMR’s retrospective data. Finally, you’ll want to choose how to set the password for your new user:

• For most users, you will leave the ‘Send “Set Password” Email’ option selected.  This will notify your new user that they can create a password and log in to Practice Intel.

• To create a password manually yourself for a user, select the “Choose Password” option.

• SSO users’ passwords will be managed by their SSO platform, so for those users you should select the ‘Skip’ option.

“Create Another User” from this screen will enable you to quickly create another user after pressing the Create button.

Creating Multiple Users

Should you be creating >5 unique users we suggest using the bulk import method. To initiate this, click on the ellipses from the Users panel and select “Bulk Import Users”.

Download the CSV template under item 1. Save this template on your computer.  If your EMR data has been processed by PredictionHealth, the template will be populated with the names and IDs of your providers. Open the CSV in Excel or Google Sheets and fill in the email column with the emails that match the provider names in the spreadsheet, and save your changes.  Then, back on the bulk import page, click on “Choose File” and upload the CSV file.

Assigning Roles to Users

Once the CSV file is uploaded you then have several options for assigning roles to your users.

Choose Role(s) to Give to ALL Imported Users

Selecting this option allows you to select one or more previously created roles or to manually create a new role for every user in the imported batch. 

Selecting a role from the dropdown menu allows you to link all imported users to an existing role. Clicking on the “+” button will allow you to create a role from this window that will apply to all of the imported users in this step.

Choose Role(s) to Give to EACH Individual Imported User

This option allows for you to either select an existing role for each individual imported user or to manually create a unique role (“+”) a role for each individual imported user. If you choose to create a new role for the user you can follow the same parameters outlined in the previous section. You must choose an existing role or create a new role for each user being uploaded in order to submit the form.

Start the Bulk Import

Once you have selected which role to give your users (in step 3 above) you will see an additional menu selection prompting you to create your users. Keep the checkbox next to “Send ‘Set Password’ emails to new users” checked unless you are using a single sign on (SSO) login for your organization or if you plan on manually setting up your users’ passwords yourself.

For most use cases, it is suggested that you keep the “Set Password” box checked.