General Security

Security Measures

Eceptionist’s network of distributed security ensures protection throughout the entire user process – in Eceptionist’s own computer systems, during the transmission of data, and on the end user’s computer. Security measures have been implemented including the requirement of all users to use an approved browser to access the service, 256-bit encryption,

Secure Socket Layer, timed log-off, alias functionality, individualized passwords, full database encryption, cell level encryption support, firewall, and constant surveillance of the entire Eceptionist platform. In addition, Eceptionist’s audit trail tracks all input entered into the system and all “user views” as it relates to anything patient oriented.

User Role-Based Security

The Eceptionist system implements role-based security to control the use and access of the system. User roles are based on the collection of privileges that are granted by administrators. For example, low-level users can book appointments and higher level users can schedule clinics and close out appointments.

The Eceptionist user is assigned into a group, based on the role the group is playing, to be identified by the system. Combined with site access, group policy, menu access control and other variables, Eceptionist has created a comprehensive access control system with enough flexibility to meet all potential scenarios.

Group and Membership

A group is simply a set of users that have a common set of functional permissions and site access within the system. The attributes and privileges that a user is granted is based on the user’s group membership. Users can obtain multiple memberships by belonging to different groups.

User Menu Access Control

Eceptionist’s menu system is dynamically generated based on user role and membership. By having a dynamically generated menu system, the main application is separated from the access control, adding an additional layer of protection. For example, even if an unauthorized user has logged on the system, the user would not be able to access any system resources or view any of the system pages, since the user does not have any menu permissions.