Systems Support Services Vanderbilt University Information Technology Identity Operations

advertisement
Systems Support Services
Vanderbilt University Information Technology
Identity Operations
By end of the class, participants will begin to
understand:
 Steps for obtaining and managing VUNet IDs &
resources available to you for guidance
 Overall process and components of systems access
& Security Manager role
 Steps for obtaining and managing RACF IDs &
access to clinical systems managed by Identity
Operations team & resources available to you for
guidance
 Resources available to troubleshoot issues that
Security Managers encounter
1.
2.
3.
4.
5.
6.
7.
PAF done (VUNetID generated automatically on effective
employment date)
Security Manager checks VSA to see if user already has a
VUNetID or if one has been created.
Security Manager requests RACF ID & access to applications
needed via the online SAMS website
Identity Operations emails the security manager when their
systems access request has been processed
The security manager goes to the SAMS Security Letter website to
print the security letter with RACF ID and temporary password
The Security Manager assigns Medipac functionality & default
pavilion (if needed)
The Security Manager ensures new staff member has RACF ID
letter and appropriate systems access by first date of unit
orientation.





Transfer – receiving Security Manager requests
changes needed via SAM on-line form
Role/Job change impacting systems access
requirements – Security Manager submits SAM request
for needed changes
Termination – Security Manager submits SAM request
to delete all functionality (after termination)
If a termination occurs after normal business hours and
the VUNetID needs to be deactivated immediately, call
the NOC at 322-2954 and someone on the development
team will be paged
More complex issues (student and employee, two
jobs/roles, etc.) – consults with Identity Operations
and Systems Support Services as needed
Triggers for Re-evaluation of Systems Access:
New hire?
Cross –train for
added duties
(eg. CP xtrained as MR)?
Will need VUNetID, RACF ID, access to StarPanel, HEO/Wiz, HED/AdminRx, & possibly
Medipac, POU, Teletracking, etc. Refer to grid for role-specific requirements for unit.
Will need to compare CP functionality to MR functionality on grid and request what’s missing.
Will need Medipac access to enter transfers, discharges, and departures.
Job change on
same unit (eg.
CP to RN)?
Will need to compare current functionality to functionality needed for new role and request
what’s missing. (Eg. A RN will need a “role change” in HEO to enable them to enter verbal
orders for meds. )
Transfer in or
out?
Will need to compare current functionality to functionality needed for role on new unit and
request what’s missing (or delete what is no longer needed). (Eg. POU access may need to be
added or deleted). Unit information will need to be updated to show current home dept.
Termination
(voluntary or
involuntary)?
2nd Job (eg. CP
who is Nursing
Student doing
clinical
placement
here)?
Systems access will need to be inactivated. In some cases with involuntary terminations, this
needs to be done very quickly to prevent malicious activity. There is a monthly PeopleSoft feed
that will eventually inactivate VUNetID but this is delayed. Be cautious in situations where one
job is ending but staff member will continue to have a job elsewhere at VUMC as their access
may need to be transitioned to new Security Manager rather than ended.
This can get tricky and requires a case-by-case review and perhaps consultation with CAPS or
other resource. In general, the individual will need access to perform in both roles AND will
need guidance that they need to match what systems they use and how they use them to the role
in which they are functioning at any given time. (eg. A Nursing Student might document meds
in AdminRx but a CP would not.)
VUNETID




Assigned by VSA
Log on for email
Log on to HR related
websites
Log on for most clinical
systems
RACF ID




Assigned by Identity
Operations
Log on used by security
managers to website for
RACF ID letter and
temporary password
Log on used for Medipac,
Epic and ebedboard
Log on used by RNs for
some functions in HED

AccessVU Website – request and manage VUNetID


Online Request for Systems Access – request RACF ID
and systems access


https://ifm60wp-web-vm/login.php
Systems Support Services Website – security manager
resource materials page


https://samprod.mc.vanderbilt.edu/sam/UserQuery.aspx
Link to Print Security Letters with RACF ID and
Temporary Password


http://www.vanderbilt.edu/accessvu/
http://www.mc.vanderbilt.edu/root/vumc.php?site=sss2&do
c=42882
Order My VUNetID cards from the Copy Center – MC
1009
Download