Chat now with support
Chat with Support

Identity Manager 9.2.1 - Epic Healthcare System Administration Guide

Managing an Epic health care system Setting up synchronization with an Epic health care system Basic Data for managing an Epic health care system Epic Connection Epic EMP User Accounts Epic EMP template Epic EMP subtemplate Epic SER Items Epic SER Provider accounts Epic SER Blueprints Epic SER Template Security Matrix Configuration parameters for managing Epic health care system Default project template for Epic

Assigning account definition to identities

Account definitions are assigned to company identities. Indirect assignment is the default method for assigning account definitions to identities. Account definitions are assigned to departments, cost centers, locations, or roles. The identities are categorized into these departments, cost centers, locations, or roles depending on their function in the company and thus obtain their account definitions. To react quickly to special requests, you can assign individual account definitions directly to identities. You can automatically assign special account definitions to all company identities. It is possible to assign account definitions to the IT Shop as requestable products. A department manager can then request user accounts from the Web Portal for his staff. It is also possible to add account definitions to system roles. These system roles can be assigned to identities through hierarchical roles or directly or added as products in the IT Shop. In the One Identity Manager default installation, the processes are checked at the start to see if the identity already has a user account in the target system that has an account definition. If no user account exists, a new user account is created with the account definition’s default manage level.

NOTE: If a user account already exists and is disabled, then it is re-enabled. You must alter the user account manage level afterward in this case.

Prerequisites for indirect assignment of account definitions to identities

• Assignment of identities and account definitions is permitted for role classes (departments, cost centers, locations, or business roles).

NOTE: As long as an account definition for an identity is valid, the identity retains the user account that was created by it. If the assignment of an account definition is removed, the user account that was created from this account definition is deleted. For detailed information about preparing role classes to be assigned, see the One Identity Manager Identity Management Base Module Administration Guide.

Detailed information about this topic

Assigning account definitions to departments, cost centers, and locations

To add account definitions to hierarchical roles

1. In the Manager, select the Epic healthcare | Basic configuration data | Account definitions | Account definitions category.

2. Select an account definition in the result list.

3. Select the Assign organizations task.

4. Assign organizations in Add assignments.

  • Assign departments on the Departments tab.
  • Assign locations on the Locations tab.
  • Assign cost centers on the Cost centers tab.

NOTE: In Remove assignments, you can remove the assignment of organizations. To remove an assignment, select the organization and double-click .

5. Save the changes.

Assigning an account definition to business roles

Installed modules: Business Roles Module

To add account definitions to hierarchical roles

1. In One Identity Manager, select the Epic healthcare | Basic configuration data | Account definitions | Account definitions category.

2. Select an account definition in the result list.

3. Select the Assign business roles task.

4. Assign business roles in Add assignments.

NOTE: In Remove assignments, you can remove the assignment of business roles. To remove an assignment, select the business role and double-click .

5. Save the changes.

Assigning account definitions to all identities

To assign an account definition to all identities

1. In One Identity Manager, select the Epic healthcare| Basic configuration data | Account definitions | Account definitions category.

2. Select an account definition in the result list.

3. Select the Change master data task.

4. On the General tab, enable the Automatic assignment to identities option.

NOTE: Only set this option if you can ensure that all current internal identities in the database and all pending newly added internal identities obtain a user account in this target system.

5. Save the changes.

The account definition is assigned to every identity that is not marked as external. New identities automatically obtain this account definition as soon as they are added. The assignment is calculated by the DBQueue Processor.

NOTE: Disable Automatic assignment to identities to remove automatic assignment of the account definition to all identities. The account definition cannot be reassigned to identities from this point on. Existing assignments remain intact.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating