Skip to main content

User Management

The User Management section provides comprehensive tools for inviting team members, managing user roles, and controlling access across your XY Platform workspace. This ensures proper security and workflow efficiency in your healthcare automation environment.

Inviting New Users

How to Invite Users

Step 1: Access User Settings

  1. Click on your user avatar/email in the bottom-left corner of the XY Web App
  2. Click "Settings" from the dropdown menu
  3. Navigate to the user management section

Step 2: View Current Users

  • Review your current list of workspace users
  • See each user's current role and access level
  • Check when users were last active

Step 3: Send Invitations

  1. Click the "Invite users" button
  2. Enter the email address of the person you want to invite
  3. Select their desired role from the dropdown menu
  4. Add an optional personal message
  5. Click "Send Invitation"

Step 4: Track Invitation Status

  • Monitor pending invitations in the user list
  • Resend invitations if needed
  • See when invitations are accepted

Invitation Best Practices

Role Selection Guidelines

  • Start Conservative: Begin with limited access roles and expand as needed
  • Job Function Alignment: Match roles to actual job responsibilities
  • Security First: Follow the principle of least privilege
  • Review Regularly: Periodically assess if role assignments remain appropriate

Onboarding Considerations

  • Training Required: Ensure new users receive appropriate training for their role
  • Initial Supervision: Provide guidance during the first few workflow interactions
  • Documentation Access: Share relevant user guides and troubleshooting resources
  • Support Contact: Designate a point person for questions during onboarding

Managing Existing Users

Viewing and Editing User Access

Access User Details

  1. Click on any user in your user list
  2. View their current permissions and access levels
  3. See their page-level access rights
  4. Review their workflow access permissions

Edit User Permissions

  • Role Changes: Update a user's primary role
  • Page Access: Grant or restrict access to specific sections of the XY Web App
  • Workflow Access: Control which workflows the user can view, run, or modify
  • Custom Permissions: Apply specific permission combinations as needed

Monitor User Activity

  • Last Login: See when users last accessed the system
  • Activity Summary: Review recent actions and workflow interactions
  • Permission Usage: Understand which features users actively utilize

User Lifecycle Management

Role Transitions

  • Promotions: Expand access when users take on additional responsibilities
  • Department Changes: Adjust role assignments for internal transfers
  • Temporary Access: Grant time-limited elevated permissions for special projects
  • Emergency Access: Implement break-glass procedures for urgent situations

Deactivation Process

  • Immediate Suspension: Quickly suspend access for departing employees
  • Gradual Transition: Transfer responsibilities and workflow ownership
  • Access Review: Audit and document all permissions before removal
  • Data Retention: Follow organizational policies for user-associated data

Team Organization

Department Structure

Organize by Function

  • Clinical Teams: Group clinical staff with appropriate medical workflow access
  • Billing Department: Provide revenue cycle and claims management access
  • Administrative Staff: Grant scheduling and patient communication access
  • IT and Compliance: Ensure technical and audit access as required

Cross-Functional Teams

  • Project Teams: Create temporary access groups for specific automation projects
  • Training Groups: Organize users by experience level for targeted training
  • Quality Assurance: Designate reviewers and approvers for workflow validation
  • Emergency Response: Maintain emergency access groups for urgent situations

Communication and Coordination

User Notifications

  • Role Changes: Automatically notify users of permission updates
  • System Updates: Communicate platform changes and new features
  • Training Opportunities: Alert users to relevant training sessions and resources
  • Policy Updates: Distribute policy changes and compliance requirements

Team Collaboration

  • Shared Queues: Enable team collaboration on workflow review queues
  • Knowledge Sharing: Facilitate sharing of best practices and troubleshooting tips
  • Performance Metrics: Provide team-level analytics and efficiency reporting
  • Feedback Loops: Establish channels for user feedback and improvement suggestions

Security and Compliance

Access Control Principles

Least Privilege Access

  • Grant only the minimum permissions necessary for job functions
  • Regularly review and reduce unnecessary access rights
  • Document justifications for elevated permissions
  • Implement approval processes for access requests

Separation of Duties

  • Prevent conflicts of interest through appropriate role separation
  • Require multiple approvals for sensitive financial and clinical workflows
  • Maintain audit trails for all user actions and permission changes
  • Implement checks and balances in workflow processing

Compliance Monitoring

Audit Requirements

  • Access Logs: Maintain comprehensive logs of all user access and activities
  • Permission Changes: Document all role and permission modifications
  • Regular Reviews: Conduct periodic access reviews and certifications
  • Compliance Reporting: Generate reports for regulatory and internal audits

Security Monitoring

  • Unusual Activity: Monitor and alert on atypical user behavior patterns
  • Failed Access Attempts: Track and investigate unauthorized access attempts
  • Geographic Access: Monitor access from unusual locations or devices
  • Time-Based Monitoring: Alert on access outside of normal business hours

Best Practices

Invitation Management

Before Inviting

  • Verify Email: Confirm email addresses are correct and active
  • Determine Role: Carefully assess appropriate role and permission level
  • Prepare Documentation: Have training materials and guides ready
  • Plan Onboarding: Schedule introduction sessions and initial training

After Invitation

  • Follow Up: Ensure invitations are received and accepted promptly
  • Initial Check-In: Schedule early check-ins to address questions and concerns
  • Performance Monitoring: Track initial usage patterns and provide additional support as needed
  • Feedback Collection: Gather feedback on the invitation and onboarding process

Ongoing Management

Regular Reviews

  • Monthly Access Review: Review active users and their access levels
  • Quarterly Role Assessment: Assess role appropriateness and make necessary adjustments
  • Annual Security Audit: Conduct comprehensive security and compliance reviews
  • Continuous Improvement: Update processes based on user feedback and security requirements

Documentation and Training

  • Maintain User Guides: Keep user documentation current and accessible
  • Update Training Materials: Regularly update training content for new features and processes
  • Share Best Practices: Document and share successful user management strategies
  • Incident Response: Maintain procedures for handling user-related security incidents