TTUHSC Welcome to the HSC
HomeEl Paso Campus

Security Guideline

Purpose

User Access
Overview of Process
Modification (Updates) to existing User Access
Deactivation (termination) of existing User Access
Monthly
45 Day Audits
Annually


Purpose

The IDX application is the practice management software used by all four campuses of the Texas Tech Health Sciences Center. This document will list the tasks, timeframes and personnel responsible for the routine maintenance of the IDX Users. The IDX software has various levels of security access and restrictions that are based on the job duties of the employees. Each campus has staff assigned to setup, modify, and remove user access to IDX. Typically user access is the responsibility of the training staff as coordination with courses and understanding of application functions and activities are provided by the training or Patient Services staff.

 

User Access

It is the responsibility of the hiring supervisor to request access to the IDX for any new or replacement positions. The approval of this access is based on the positions job duties (role based access).

Overview of Process

The practice management system has training and a production instance. Training access is granted for the purpose of teaching new staff and updating existing staff on the functionality of the software.

 

The Web Request form is found at:

http://www.ttuhsc.edu/elpaso/som/mpip/idx user.aspx

 

An email is generated to the Patient Services (training area) for the access to the system. The user is created in training area and in the production area. The Patient Services support analyst reviews the request and determines the corresponding role of the staff based on job duties. Any additional documentation is requested from the supervisor or manager of the staff member. Examples of such documentation are the charge entry, payment posting forms that indicate the need for this specific access.

 

Training is scheduled with the staff and their training user id is provided in the class. Upon completion of training, the production user id is provided and the employee signs off on the Training Check list.

 

Modification (Updates) to existing User Access.

It is the responsibility of the hiring supervisor to request changes in access to the IDX for due to any new job duties or changes of duties. The approval of this access is based on the positions job duties (role based access). The Web Request form is found at:

http://www.ttuhsc.edu/elpaso/som/mpip/idx user.aspx

 

Email requests from supervisors for changes to existing users are also sent to the Patient Services staff. Appropriate forms for additional access to payment posting and charge entry are completed prior to any changes to access are granted. All completed forms and email correspondence are stored in the IDX User Access file found in Patient Services.

Deactivation (termination) of existing User Access

It is the responsibility of the direct supervisor to request removal of access to the IDX for due to any transfer, termination, or changes of job duties. An email from the supervisor to Patient Services indicating the need to remove access is sufficient. This email is printed and stored in the IDX User Access file found in Patient Services.

Employee Exit

Currently, Patient Services receives a Separation Check Out Form from Human Resources (HR) with a terminated employee from TTUHSC. This list is then cross referenced to the current IDX User listing and any identified employees are deactivated.

45 Day Audits

User passwords expire every 45 calendar days in the IDX application. A report is run every month that indicates every user that has not access IDX in the last 45 calendar days. This report is processed by the Central IDX support team and all users found on this list are deactivated.

©