Roles and Permissions

Users with this role are responsible for reviewing Alerts, conducting Investigations, and performing user and application administration functions. This role has access to Alerts and Investigations that are assigned to any user or group.

Users with this role can:

• Access enterprise-level dashboards

• Add, edit, and share Reports, Enforced Policies, Alerts, and Investigations

• Run all Governance Reports

• Add and manage Imprivata Access Intelligence users

Users with this role are responsible for reviewing Alerts and conducting Investigations. They have limited access to Alerts and Investigations that are assigned to or shared with them and their groups.

Users with this role can:

• Access enterprise-level dashboards

• Add, edit, and share Reports, Enforced Policies, Alerts, and Investigations

• Delete Alerts

• Run all Governance Reports

This role has the same rights and permissions as Privacy Officer. Compliance Officer uses the Governance Reports to measure the effectiveness of the Enforced Policies.

Users with this role can:

• Access enterprise-level dashboards

• Add, edit, and share Reports, Enforced Policies, Alerts, and Investigations

• Run all Governance Reports

This role is assigned to a person who needs visibility into the Governance Reports and read-only access to Investigations.

Users with this role can:

• Access enterprise-level dashboards

• Edit and share Reports and Analytics

• View Investigations

• Access Governance Reports

This role is assigned to a person who only needs visibility into Investigations and the ability to comment on Investigations. For example, the Reviewer role may be assigned to the supervisor of an employee who wants to review the audit events that are under investigation to provide feedback during the investigation.

Users with this role can:

• Access enterprise-level dashboards

• View Investigations

This role is assigned to a person who only needs to run Reports. For example, the Guest role may be assigned to an external auditor who needs to review the data submitted during the investigation.

Users with this role can:

• Access enterprise-level dashboards

• Edit and share Reports

Users with this role are responsible for reviewing Alerts and conducting Investigations. They have limited access to Alerts and Investigations that are assigned to or shared with them and their groups. They cannot perform user and application administration functions.

Users with this role can:

• Access enterprise-level dashboards

• Add, edit, and share Reports, Enforced Policies, Alerts, and Investigations

• Delete Alerts Run all Governance Reports

Users with this role are responsible for reviewing Alerts, conducting Investigations, and performing user and some application administration functions. They have limited access to Alerts and Investigations that are assigned to or shared with them and their groups.

Users with this role can:

• Access enterprise-level dashboards

• Add, edit, and share Reports, Enforced Policies, Alerts, and Investigations

• Delete Alerts Run all Governance Reports

• Add and manage Imprivata Access Intelligence users

This role is assigned to a person who is responsible for reviewing Alerts without the authority to create Investigations. Users with the Manager role have access to the simplified view of the Alert results that are assigned to them. It allows Manager to quickly check the Alert results and determine if further review is required by another user or if access was appropriate. Manager also has access to any Investigation that has been assigned or shared with them.

Users with this role can:

• View Investigations

• Add notes to Alerts

• Review Alerts and set status as

  • Appropriate Access

  • Further Review Required

Users with this role are responsible for the monitoring of data ingestion into Imprivata Access Intelligence. Administrators can view the configuration of the loading and transformation of data into Imprivata Access Intelligence. They can also view the status of the loading jobs.

Users with this role can:

• Add and manage Imprivata Access Intelligence users and user groups

• View Sources, Targets, and Mappings

• Access Source History, Log History, Tasks, System Properties, Data Availability Status, and Custom Fields

Users with this role have access to application data and system monitoring settings, including Task Status, Data Availability Status, Source History, and View Application Audit Trail. This role should be assigned to a person who is responsible for the data flow monitoring.

Users with this role are responsible for managing the access of any user within Imprivata Access Intelligence. This includes adding, editing, and deleting users. In addition, User Administrator can reassign all Alerts, Investigations, and Reports; however, they cannot view any of their content.

Users with this role can:

• Add and manage Imprivata Access Intelligence users and user groups

• Reassign all Alerts, Investigations, and Reports

This role has similar rights and permissions as User Administrator, but slightly limited. Users with this role are only responsible for managing the access of any user within Imprivata Access Intelligence. This includes adding, editing, and deleting users and user groups.

Users with this role can:

• Add and manage users and user groups

Users with this role are responsible for managing OneSign users, user enrollment metrics, and application usage.

Users with this role can:

• Access enterprise-level and OneSign dashboards

• Edit and share Reports

This role is used by the Imprivata Access Intelligence admins who want to set users up with limited access to the application while they are provisioning users via SSO, creating groups, and adding field restrictions.

This role is used by the Imprivata Access Intelligence users who have integration with Sumo Logic. With the Sumo Sender role assigned, they can schedule reports that will send the results to Sumo Logic.

Be aware that this is an addition-to control, not a completely separate role.

This role is used by the Imprivata FairWarning users who have integration with Splunk. With the Splunk Sender role assigned, they can schedule reports that will send the results to Splunk.

Be aware that this is an addition-to control, not a completely separate role.

This role is used by the Imprivata Access Intelligence users who need the ability to search across the archived data. With this role assigned in combination with another standard role, such as Information Security, users can conduct a Quick Report search based on User, Patient, or User and Patient criteria across both live and archived data.

Be aware that this is an addition-to control, not a completely separate role.