Learn about managing application roles, atomic security, and Case Access Group Security.
Manage Application Roles
Vault Safety controls user access to information and records at the organization level. Each time you add new user or Organization to Vault Safety, you must assign application roles. Assign application roles by creating User Role Setup records.
Users must be assigned an application role in their organization to see Case-related data and participate in Case Processing workflows. A single user can have a different role in each organization they have access to. You can assign users to multiple organizations and multiple roles per organization.
See Managing Permissions with User Roles for more information.
Atomic Security
Admins can optionally configure granular permissions at the field-level using atomic security. See Configuring Atomic Security for Objects for more information.
If you configure atomic (field-level) security, Vault adheres to those settings configured at the field-level. Edit, Read, or Hide permissions can be configured within each state for a field.
Note: Atomic security is not supported for Inbox Item child section fields (Products, Patient, Case Contacts, and Medical Events).
There are two methods to view the Inbox Item fields that are supported by atomic security in the Admin area:
- In Users & Groups > Permission Sets > Case Intake Actions, select the Object tab and then select Inbox Item.
- In Configuration > Objects > Inbox Item, go to the Fields tab.
Case Access Group Security
If your organization uses Case Access Group Security, which is an alternative to Dynamic Access Control (DAC) on Inbox Items and Cases, see Case Access Group Security for details on adding users to Case Access Groups.