Default User Access Levels

Who they are for any why you need to be careful when using them

Special Category Data under GDPR

As the site is designed to process Special Category Data (health data) under GDPR you need to be careful when allocating default users and you may be better creating custom Access Levels to mitigate any risk to the data.

Default Access Levels

PatientInbox

Purpose	Modules accessible
Handling incoming SmartForm Submissions	Patient Inbox

Data and Access Manager

Purpose

Modules accessible

Access to manage patient interactions
Can allocate the following user levels
- PatientInbox
- Custom User Access Levels
Authority to grant user access as the Data Controller for GDPR Purposes

FFT Setup
FFT Answers
Create & Configure SmartForms
PatientInbox
SmartForm Statistics
Add / Remove Staff Accounts
Audit Trail
Notification Recipients
Mailing List Subscriptions
PatientInsights (If subscribed to)

Administrator

All users that require this level of access need to attend our training course on How to edit and amend your website.

Purpose

Modules accessible

Content Management

Authority to grant user access as the Data Controller for GDPR Purposes

Can allocate the following user levels
- Administrator
- Data Access Manager
- PatientInbox
- Custom User Access Levels

All Data Access Manager Modules PLUS

Add / Rem & Edit Pages
Manage Navigation
Publication Requests
Our Staff / Team
GP Availability
NHS Choices Review
Edit Homepage
Alerts
Banner Icons
Who do I see
News Articles
Upcoming Events
Polls
Manage Columns
Manage Column Items
Boundary Map
Boundary Map Messages
Maps
Slideshow
Photo Gallery
Media
Grids
File Manager
GCM - if applied
SurgeryDocs (If activated)
Practice Information
Backup & Restore