User Roles & Security
InSched uses role-based access control (RBAC) to manage user permissions. Users are assigned roles, and each role is granted or denied specific privileges.
Concepts
Users
A user represents an individual who logs into InSched. Each user has a username and password.
Roles
A role is a named set of permissions (e.g., "Front Desk", "Billing", "Administrator"). Roles define what a user can and cannot do in the system.
Privileges
A privilege is a specific action or capability within InSched (e.g., "Edit Patient", "Delete Event", "View Financial Reports"). Privileges are assigned to roles, and can be either granted or explicitly denied.
Logging In
When InSched starts (if security is enabled), the Login dialog appears:
- Enter your User Name
- Enter your Password (displayed as asterisks)
- Click Ok to log in
Changing Your Password
To change your password:
- Open the Change Password dialog
- Enter your Current Password
- Enter your New Password
- Confirm the new password
- Click Ok to save
Managing User-Role Assignments
Select Setup > Edit Roles for Users to assign roles to users.
User-Role Grid
| Column | Description |
|---|---|
| User | The user account (selected from dropdown) |
| Role | The role assigned to this user (selected from dropdown) |
| Inactive | Check to disable this assignment without deleting it |
Assigning a Role
- Click New User to add a new user-role assignment
- Select the User from the dropdown
- Select the Role from the dropdown
- Click Ok or press F3 to save
A user can have multiple role assignments. Their effective permissions are the combination of all assigned roles.
Creating a New Role
Click New Role to create a new role that can then be configured with specific privileges.
Managing Role Privileges
Select Setup > Edit Privileges For Roles to configure what each role can do.
Privileges Grid
| Column | Description |
|---|---|
| Role | The role being configured |
| Privilege | The specific privilege (with description) |
| Deny | Check to explicitly deny this privilege for the role |
| Inactive | Check to disable this privilege assignment |
Granting a Privilege
- Select the Role from the dropdown
- Select the Privilege from the dropdown (the description helps identify each privilege)
- Leave Deny unchecked to grant the privilege
- Click Ok or press F3 to save
Denying a Privilege
Check the Deny checkbox to explicitly prevent a role from having a specific privilege. This is useful when a user has multiple roles and you need to restrict access that would otherwise be granted by another role.
Security Best Practices
- Use specific roles — Create roles that match job functions (e.g., "Front Desk", "Billing Clerk", "Office Manager") rather than one generic role
- Principle of least privilege — Grant only the privileges each role needs
- Review periodically — Audit role assignments when staff changes occur
- Mark inactive — When a user leaves, mark their role assignments as inactive rather than deleting them for audit trail purposes