ACL is a feature of Catalyst that restricts user access for specified client(s). With the aid of an administration console, this feature is implemented by restricting access to specified clients and all screens containing that client information. ACL is only available to live Catalyst users, not to Interface users.
Important Notes about ACL Super User Accounts
The person selected to have access to ACL should be a privacy officer or equivalent. It is important to understand that the ACL Super User account will be responsible for promoting any other existing Catalyst accounts to a Super User; Super User accounts should be provided with discretion. It is also worth noting that any existing or new Catalyst Administrator accounts can reset passwords and then log in as that account including an ACL Super User account. Proper business and privacy practices should be in place.
To enable the ACL module a senior staff member of an HSP must make a request to the DATIS Help Desk; their existing Catalyst account will then be promoted to an ACL Super User and they’ll be given access to the ACL module. DATIS will only provide access to the first account.
Once an account has been given access to ACL they can then give other users access.
Definitions
Unlocked Client
A client record with unrestricted access; any user, with client information rights can access the client record Protected Health Information (PHI). By default all client records are unlocked.
Locked Client
A client record with restricted access can only be viewed by the Admin/Super User or by the Catalyst User that has a mapped relationship with the locked client. All other Catalyst users are not able to view PHI such as client first name, last name, date of birth, etc.
Client unlocked to a user
A locked client accessible to a particular Catalyst user(s)
ACL Super User /ACL Role
The Catalyst user with this role, while in the ACL console, can access any client including locked clients and exercise user privileges: lock, unlock users, unlock client to a user, etc.
Assign Role
Identify who can work with locked clients by assigning a Role to the Service Provider
Map Relationship
Map the relationship between the Locked client and Service Provider Lock the client - identify the client to lock.
Un-map a relationship
When the relationship is interrupted, the service provider can no longer access PHI of that client.
Using ACL
These instructions give an overview of using the ACL module from Catalyst.
- Login to Catalyst Using the Super User Login Credentials.
- From the Home Page Client Lock Menu, click on Access Control.
- Click Continue.
| Item | Purpose/Description |
|---|---|
| 1 | This message is found on the “Lock a Client” screen and not on the “Unlock a Client” screen |
| 1 | Advises the ACL Super User to check for duplicates records before locking the client |
| 2 | Pagination – indicates page number and how many pages result from the search |
| 3 | Read – command to bring results to screen |
| 4 | Clear All – command to clear results from the screen |
| 5 | Previous Screen – takes user back one screen |
| 6 | Exit Access Control |
Examples of search options
The more narrow the search the more define the search criteria used.
Option 1: Search by Case Number
Enter client Chart # in the field called CaseNo and click the Read button. Any client with that chart number will display on screen
Option 2: Search by letter and %
Enter the first letter of the last name in the Lastname field along with the % symbol. This is case sensitive. Example, search on client Apple, enter A% in the last name field and all last names starting with the upper case A will appear in a list. Enter the lower case “a” and all names in lower starting with a will result.
Option 3: Search all inclusive
Click on the Read option without entering any search criteria. All unlocked clients will display on screen
