Understanding and effectively managing roles and permissions is crucial in maintaining the security and operational efficiency of your organization within EasyMedStat. This guide explains the role management system, how to configure permissions, and introduces the pre-configured roles that come with your organization.

Understanding Roles and Permissions

Roles in EasyMedStat are sets of permissions that determine what actions a user can perform within the platform. Permissions are specific rights granted to users that enable them to perform certain tasks, such as editing data, managing users, or viewing sensitive information.

Types of Roles

1. Organization Roles: These roles are applicable across the entire organization and generally include administrative permissions such as managing users, teams, and financial settings.
2. Team Roles: These are specific to teams and control access to actions within a team, like managing team-specific data or projects.

Managing Roles

Pre-configured Roles

Your EasyMedStat organization comes with a set of pre-configured roles designed to cover the most common functions and responsibilities within a typical organization. These roles can be used as-is or edited to better fit your specific needs.

Creating a New Role

1. Access Role Settings: Navigate to Settings > Roles in the EasyMedStat dashboard.
2. Create Role: Click on “+ New Role” and enter the role name and its scope (organization or team-specific).
3. Assign Permissions: Select the permissions that correspond to the responsibilities you wish to assign to the role.
4. Save the Role: After configuring the role and its permissions, save the role to make it available for assignment.

Editing an Existing Role

1. Select the Role to Edit: From the list of roles, click on the role you wish to modify, including any pre-configured roles that need adjustment.
2. Modify Permissions: Adjust the permissions as necessary to accommodate changes in job functions or organizational policies.
3. Update the Role: Save the changes to ensure the role reflects the new permissions.

Deleting a Role

1. Choose the Role: Identify the role you want to delete from the role management page.
2. Check Dependencies: Ensure no users are currently assigned to the role. If users are assigned, reassign them to appropriate roles before deletion.
3. Delete the Role: Remove the role from the system, understanding that this action is irreversible.

Best Practices for Role Management

• Regular Review: Periodically review roles and permissions to ensure they align with current organizational needs and security policies.
• Principle of Least Privilege: Assign users only the permissions they need to perform their tasks to minimize security risks.
• Clear Definitions: Maintain clear definitions and documentation for each role to ensure understanding and proper use across the organization.

List of Existing Permissions in EasyMedStat

Permissions in EasyMedStat are designated to either the whole organization or specific teams. These permissions define what actions users can perform within the platform, enhancing security and operational efficiency by ensuring appropriate access levels.

Organization-Level Permissions

These permissions apply across the entire organization and are generally granted to users with administrative roles. Here are the key organization-level permissions:

Manage Organization: This permission allows users to:

  - Edit the organization's name and logo.

  - Communicate messages and files to all users within the organization.

Edit Roles: Users with this permission can:

  - Create new roles.

  - Edit existing roles, including modifying their permissions.

Manage Teams: This encompasses the ability to:

  - Create new teams within the organization.

  - Edit and manage details of existing teams.

  - Delete teams.

  - Access and view the list of all team members.

Manage Documents: This permission includes:

  - Adding new documents to the organization’s repository.

  - Editing and updating existing documents.

  - Deleting documents from the organization.

Manage Users: Users with this permission can:

  - Add new users to the organization.

  - Edit details of existing users.

  - Delete users from the organization.

Manage User Licenses: This is crucial for controlling access and includes:

  - Assigning paid licenses to users.

  - Removing paid licenses.

  - Purchasing additional licenses.

  - Downloading billing and transactional documents.

Team-Level Permissions

These permissions are specific to individual teams within the organization:

Manage Team Members: Enables team leaders or designated users to:

  - Add existing users to their teams.

  - Remove users from their teams.

Cross-Level Permissions

Some permissions apply to both organization and individual teams, facilitating broader control where needed:

Create Series: 

  - Users lacking this permission will not see the "New Series" button, restricting their ability to initiate new series.

Manage Series:

  - Freeze and unfreeze data to ensure data integrity.

  - Stop and resume patient inclusions as per the research requirements.

  - Archive series for historical record keeping or to conclude the research.