3. Managing User Accounts (useradmin)
System Administrators use the useradmin program to manage login accounts on their PCC system. Authorized users can run useradmin and add new users to the system, lock out or retire old users, and reset forgotten passwords.
Security: You can use useradmin to help enforce the security guidelines of your practice, but there are a number of "best practices" that your office should also consider:
Encourage users to keep their passwords to themselves.
Have your staff change their password periodically.
Lock out former staff members from the system as soon as possible. Inform PCC when you do this, especially if the staff member has a home connection to your server.
Train your staff to log out of their workstation when they are finished. Do not allow several users to share the same login window.
3.1. Starting useradmin
You can run useradmin either from the System Administration window in your Partner windows or by typing useradmin at a command prompt.
Since useradmin performs sensitive administrative functions, only authorized personnel can run it, such as your office's System Administrator or PCC's Customer Care Team. useradmin keeps an internal list of authorized users; the System Administrator can change this list at any time.
3.2. Performing User Account Actions
The main useradmin screen looks like this:
Authorized users may press the appropriate function key to add or lock out a user, change a user's password, or edit authorization lists.
Command Prompt Shortcuts. Authorized users can type the commands listed on the screen instead of running the useradmin program to select them. For example, a system administrator might type userpasswd at a command prompt to reset a user's password.
3.3. Add a New User
Press [F2 -- Add New User] from the main useradmin screen to add a new login to your Partner server. You will see the following:
Fill out the fields with the full name and the short user name of the user. A user name should be easy to type quickly and contain no capital letters or spaces.
E-Mail Addresses. If your office uses PCC's e-mail service, the new user's e-mail address will be their username, followed by the @ symbol, followed by your office's PCC acronym and the ".com." For example: alice@paj.pcc.com.
3.4. Lock Out a User
The System Administrator should lock out any user who should no longer be using your Partner system. Your Partner server contains an enormous amount of Private Health Information (PHI) as well as sensitive financial information about your practice. Whether an employee has left your practice or is being assigned to a new position away from the computer, they should be locked out of the Parter system as soon as their Partner related responsibilities are finished.
Run useradmin and press [F3 -- Lockout User] to retire a user's login name. You will be shown a list of users from which to choose:
Select the user whom you wish to lock out and press Enter.
Computer System Names: You may see some system login names that are part of how the operating system functions. Do not lock out those users.
CALL PCC: You may want to inform PCC when you remove a user from your system. If a former employee often spoke with PCC, you should tell our support team that the user should no longer be given access to your system. If the user had access to Partner from a home or remote office, it is especially important that you contact PCC and tell us to turn off that connection.
3.5. Change a User's Password
If a user forgets their password, the System Administrator can reset it for them in useradmin. Press [F4 -- Change Password] to begin.
You will be shown a list of users:
Select the user and press Enter to change their password. You will be shown a warning, and then asked to enter the new password four times:
Passwords must be at least 5 characters long.
Better Password Security. The user should log into Partner and change their password once you have reset it to something new. Encourage users to pick passwords that are difficult to guess or contain a mix of letters and numbers.
3.6. Edit an Authorization List
Currently, there are two system authorization lists that you can edit from the [F8 -- Authztn List] in useradmin:
First, you can edit the list of users authorized to add new users to the system. This includes access to changing passwords, locking out users, and access to changing this same authorization list.
Second, you can edit which users are allowed to edit patient and account notes for the Structured Notes option in the family and patient editor.
When you edit an authorization list, you will see a simple text box with a list of usernames:
Make changes and press [F1 -- Save] to confirm. Press [F12] to quit without making changes.