ServiceXG Basics

Manage system security and data access

Each basys system user must have a user security role and a user profile defining what they can access.

Before you create new roles, see Determine system access levels and plan out the roles and access levels. This topic also explains how the authorization across sessions, functions, and subtabs applies.

Set up user roles

Create roles to govern user access to sessions, functions, and data in ServiceXG with the Authorization Role Editor.

1. Add an authorization role

   For each role, you can allow or restrict access to the following items:

   • Sessions—for example, member, dependent or employer sessions.
   • Functions within a particular session—for example, Member Information, which is a member session function
   • Tabs and sub tabs within a particular function—for example the Status Dates tab in the Member Status Dates function.
   • A feature within the function or subtab—for example Bank Information within the Pensioner Sequence subtab.
2. Set up data access controls:
   • Create a general Add a fund control to limit and grant access to funds. For example, a role for an operator with full access to the Plumbers Worker fund.
   • Add a Add a correspondence fund control to limit and grant access to correspondence by fund.
   • Add a Add a status code control to limit and grant access to member status codes.
3. Associate the controls to the role you created in the profile editor. See Set up a user profile.

SEE ALSO

Set up user profiles

Once a role is created, you can assign it to any number of users via Authorization Profile Editor. The user profile consists of the users assigned role, member control and any sensitive data masking.

1. Add a Add a member control to restrict user access to select members. For example, a user profile that restricts access to the fund office staff.
2. Add an Add an employer control to restrict user access to select employers.
3. Add a Add a sensitive data control to mask PHI, banking information, salary, social security numbers, or other information.
4. Use the Authorization Profile Editor to select the role, member control, sensitive data selections and select final view options. See Set up a user profile.

SEE ALSO