Manage Users & Groups

Use the following resources to learn about managing users, user groups, application roles, license types, and Case Access Group Security.

Note Beginning with 24R1 in April 2024 and for all subsequent releases, Vault Safety General Release Help content is moving to a new site. Test the new site using Limited Release content.

Create & Manage Users

Vault Online Help provides complete information about Creating & Managing Users in your Vault.

Create & Manage Groups

Groups are key to managing user access in Vault. Vault Online Help provides complete information about Creating & Managing Groups in your Vault.

Vault Safety License Types

In Vault, each user has an assigned license type. The license type grants the user access to functional areas in Vault Safety. The license is the highest level of access control in Vault Safety.

Vault Online Help provides complete information on license types.

Manage Application Roles

Vault Safety controls user access to information and records at the organization level. Each time you add new user or Organization to Vault Safety, you must assign application roles. Assign application roles by creating User Role Setup records.

Users must be assigned an application role in their organization to see Case-related data and participate in Case Processing workflows. A single user can have a different role in each organization they have access to. You can assign users to multiple organizations and multiple roles per organization.

Vault Online Help provides complete information about Managing Permissions with User Roles.

Manage Security Profiles

In Vault, each user has an assigned security profile. Each security profile includes one or more permission sets. Each permission set grants the user access to functionality in Vault Safety.

Vault Online Help provides more information on Vault security profiles.

Permission Set Security

A user’s Security Profile must contain a Permission Set granting them the appropriate access to Inbox Items. Vault Online Help provides more guidance on configuring Permission Sets.

Lifecycle State Security

Administrators can optionally configure additional security at the object lifecycle state level, using object lifecycle roles. Vault Online Help provides more information about configuring object lifecycle roles.

Atomic Security

Administrators can optionally configure granular permissions at the field-level using atomic security.

If you configure atomic (field-level) security, the system adheres to those settings configured at the field-level. Edit, Read, or Hide permissions can be configured within each state for a field.

Vault Online Help provides more information about atomic security.

Note Atomic security is not supported for Inbox Item child section fields (Products, Patient, Case Contacts, and Medical Events).

There are two methods to view the Inbox Item fields that are supported by atomic security in the Admin area:

  • In Users & Groups > Permission Sets > Case Intake Actions, select the Object tab and then select Inbox Item.
  • In Configuration > Objects > Inbox Item, go to the Fields tab.

Case Access Group Security

If your organization uses Case Access Group Security, which is an alternative to Dynamic Access Control (DAC) on Inbox Items and Cases, see Case Access Group Security for details on adding users to Case Access Groups.


Configure Blind Protection Relatedness Override
Manage Case Access Group Security
Feedback?