1 | P a g e                                                                                                                       V e r s i o n   1 . 0   

 

 

 

 

USER ACCESS SYSTEM A Guide for Users & Authorisers  

 

 

 

 

 

 

 

 

 

 

Public Health and Intelligence

NHS National Services Scotland

2 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Contents Overview of User Access System 3

How to register to use the User Access System 4

Log In 5

Log Out 5

Change Password 5

Part 1: User Guide

Home screen & Menu 6

Request New Access 6

Submitting Your New Access Request 8

View Access/Requests 9

Remove Access 10

Resubmit Rejected Access 11

Review Access 12

Request Review 12

Change in Access 13

Part 2: Authoriser Guide

Overview 14

Home screen & Menu 14

Applications for Consideration 15

User Request 16

Authorise Access 17

Reject Access 17

Re-Submitted Access Requests 17

Review of Access 18

Audit Reports 18

Set Out-of-Office 18

Contact Details 19

List of Data Marts & Information Tools 20

3 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Overview of User Access System National Services Scotland (NSS) collates health data from various sources across Scotland and uses it to populate a number of data marts and information tools.. Specific functionality with the User Access System (UAS application is provided to assist users across Scotland to make decisions in relation to local health care. The UAS has been developed by National Services Scotland to reduce the time taken to administer a paper based access process, by moving this service to an online application helps to reduce risk of error by automating the administrative process. UAS enables the centralisation of data on access applications and authorisations for health boards, Community Health Partnerships, General Practices and other organisations. Access to data marts and information tools is available to all NHS staff who have been authorised by the relevant authoriser. The authoriser will review and consider each request before granting access. The User Access System will process: Requests to access data marts and information tools provided by NSS Any change request required to current access The six-monthly or annual access renewal process Requests for training The UAS will be available to NHS staff and can only be accessed from computers with a secure N3 connection - this means securely connected to the NHS network. The UAS application will be accessed with a username and password supplied by the Customer Support Desk within NSS. In addition to this User Guide, the UAS application contains help text features throughout. When hovering the mouse pointer over text when it changes to icon this indicates there is help text available – to access the help text click on the to read the description or explanation. Data Mart Users The User Access System has been populated with details of all current NSS data mart and information tools users. All users will be allowed to access the UAS application using the username and password details they already use to access data marts/information tools. A reminder of your username and password can be requested by contacting the Customer Support Desk - nss.csd@nhs.net or 0131 275 7777. Within the UAS application users are able to request access for data marts, renew access to data marts and if necessary, request a change to current access e.g. moving from non - confidential level to confidential data level, users are also able to request access is ceased or removed, once access is no longer required.

4 | P a g e                                                                                                                       V e r s i o n   1 . 0   

How to Register to use the User Access System All Health Boards and General Practice staff who are new to NSS data marts and who have not previously used the User Access System should register and receive a user name and password. To register for a user account Type this link into your browser or click on this link

https://useraccess.nhsnss.scot.nhs.uk/

Select the ‘Register’ button

The Registration form will open in a new window. The form should be completed with all relevant details and submitted to the NSS

Customer Support Desk (CSD) to create new account. CSD will email the new details via two emails. Containing the username and the password. One email will also contain a link to the Directory Information System (DIS), users must use this link to change the auto generated password (to something more memorable). Note - Passwords are case sensitive.

5 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Log In Users and Authorisers – please login to the User Access System using your username and password you currently use for Business Objects. If you are unsure of your login details follow the instructions above and contact Customer Support desk.

Log Out

  To logout correctly: Select the Logout button to logout of UAS. We advise that this is used rather than simply closing the browser window at the top right of the screen.  

 

Change Password  The password for the User Access System (UAS) is linked to many other systems. As such, any change to this password will impact on the ability to access other systems. For this reason, if you select to change your password — a warning message appears. The NHS NSS corporate warehouse application/s and system/s that would be affected by any change to your password are:

Dataset Change Control (DCC) Diagnostics Capacity and Demand ((DCD) DCAQ) Drugs Related Deaths (DRD) Hepatitis C (HEPC) New Scottish Cancer Waits (NESCWA) Clinical Indicators (Clinind) Complaints Costs Book (Apex_Costbook) Essca Scottish Stroke Care Audit (Apex_Stroke_Audit)

If you continue and select - Change Password you will be transferred out of UAS application and into the Directory Information System (DIS); where your password can be changed.

6 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Part 1: User Guide Home Screen & Menu Once you login you will be taken to the ’Home’ screen where a menu of options is displayed.  

 

 

 

 

Fig 1 

Request New Access By selecting the Request New Access link in the left menu, a new window opens - from this window you can create an application request - select from a series of options in the drop down menus.

Once the data mart and level of access has been selected the ‘Continue’ button is displayed. You will then be asked to complete a section identifying their reason for access. The choice made should be the most appropriate reason according to your job role.

7 | P a g e                                                                                                                       V e r s i o n   1 . 0   

See the following list: Analytical role in audit as a clinical professional Analytical role in audit as a non-clinician Analytical role in research as a clinician Analytical role in research non-clinical Planning role as clinician responsible for individual patients Planning role in non-clinical setting with financial responsibilities (Health Board) Support role in processing information (Practice Manager, Administrative Role) Support role in IT systems administration (information technology non-clinical) Other

If ‘Other’ is selected a window will automatically appear, you should type the reason into the window. This section is limited to 500 characters so please be concise. Note – The purpose of asking for a reason for requesting access is for the benefit of the Authoriser; to aid in their decision regarding your request. GP Practice User  If you are requesting access to a data mart or information tool at GP Practice level, then you will be presented with a question asking if you are employed by the GP Practice. This is relevant for example by the Prescribing Information System for Scotland (PRISMS) or for Scottish Patients at Risk of Re-admission (SPARRA) team. This question should be completed by selecting Yes or No.

If Yes is selected then the request is routed directly to the Practice authoriser If No is selected, your line managers details will be required and the request will be routed via your Health Board authoriser. Health Board User  If you are not an employee of a GP Practice, then a section relating to the your line manager will appear with fields where the you must confirm that you have: Discussed the application with your line manager and Discussed training with your line manager and have Added the date of discussion with your line manager

8 | P a g e                                                                                                                       V e r s i o n   1 . 0   

NB - This section should be completed in full as the UAS will perform a validation process before the request is submitted and incomplete requests will not be forwarded for authorisation. Submitting Your New Access Request Once the online form is complete the ‘Create Request’ button should be selected and clicked. The screen will change view to the Request Access Screen – where you can view details of the created request. NB - your request has not been submitted at this stage.

At this stage the request has been ‘created’ but not yet submitted. This is to allow you, if required, to create a number of requests and then submit them all at once. When you are content and ready to submit your created request/s, you should:

Select the ‘tick box’ - located at the left side of the Edit button Click the ‘Submit Requests’ button - this will confirm the request/s

In the case of multiple requests all tick boxes can be selected at once by selecting the ‘tick box’ to the left of Modify Request. Process for Submitted Requests

An email is sent to the authoriser alerting them to the submitted request - the authoriser will review the request and can authorise or reject the request.

An email is also auto-generated and sent to your line manager to ensure they are aware of the submitted request.

If your authoriser is unavailable a message will be displayed highlighting the planned return date – so you can add this date to your calendar to keep track of your request. The request will be dealt with by your authoriser on their return.

9 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Supposing an authoriser has not been assigned to your General Practice or Health Board then notification will be emailed to the Product Support Helpdesk, who will oversee the assigning an authoriser process. Authorisation - you will be alerted by an email that your request was successful and UAS will set up the authorised access within a few hours. The email will contain a warning regarding removal of access when no longer required – please take note of the instructions. Rejected - the user will be alerted by email and details of the rejected request will be shown in the ‘Rejected Access’ tab where the request can be viewed, edited and resubmitted if required (see ‘View Current Access and Requests’). Contact Us  The ‘Create Request’ screen also contains a Contact Us button, which users can use if their choice of data mart/access level cannot be catered for by the UAS request access screen.

Activation of this button opens a new window - Contact Us form. This form should be completed by selecting the appropriate datamart then giving details of the issue or specific request. When the form is complete select ‘Send Request’ to submit the form to NSS Product Support team. View Access/Requests Selecting the ‘View Current Access and Requests’ button on the menu will open up a new screen with a number of tabs - you will be able to view your current authorised access as well as other requests and status information.

10 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Tab name Field detail found within tab Existing Access Level of access, Confidentiality, User Type, Status, Expiry Date, also gives the option to Change or Renew access Awaiting Authorisation Requests submitted but not yet authorised Awaiting Submission Requests that have been created but not yet submitted Awaiting Training Requests authorised and awaiting a training course Removed Access Record/s of previous access, which have been removed by the user Rejected Access Record/s of request/s for access which have been rejected by the authoriser To obtain a better view of a request select the button and or The ‘View’ button allows the you to read and review the all elements of the request. The ‘Edit’ button allows you to make changes and amendments to the current request, including those requests rejected by authorisers and also allows you to apply for renewal of access. These changes can then be submitted. In each case when a change in access is proposed by you the details of the current line manager, along with details of date of discussion regarding the change and training must be included. On submission, emails are generated to your line manager advising them of the new request, and to your authoriser advising them of the new request for their consideration. The authoriser will log into UAS to review and authorise or reject your request. Contact Details This button will show you the current details recorded in UAS in relation you. You cannot change these details in UAS, any changes should be made by emailing NSS Customer Support Desk nss.csd@nhs.net

Remove Access  You will be notified of any request via UAS by email. When you no longer require access you should arrange to have any or all access removed. This could be when you change role and no longer need to access that specific database. In such a case you would navigate to the ‘View Existing Access’ tab where the current list of Datamart access permissions will be shown.

11 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Click the box next to the data mart – that you intend to remove the access to Click the ‘Remove Access’ button - at the bottom of the table. A confirmation message will be displayed and access will be removed with immediate effect. Resubmit Rejected Access  If you submit a request for access, which is rejected by your authoriser, then the authoriser will endorse the request with the reason for refusal. Either by means of a pick list of identified reasons or by use of a free text box. In such a case, you will be notified by email of the rejection and directed to the UAS to seek clarification from the entries made by the authoriser. Rejected requests can be found in the ‘Rejected Access’ tab from the ‘Existing Access’ menu as shown below.

Selecting the ‘View’ button as seen below will show the user why the request was rejected.

12 | P a g e                                                                                                                       V e r s i o n   1 . 0   

In this example the rejected reason  was ‘No need for access at level requested’. The applicant can resubmit the request after making changes and also resubmit the request at a different level these changes are performed via the ‘Edit’ button. Review Access As well as using the UAS to request new access the online system will be an integral part in the regular review of access. A review of access takes place periodically as determined by NSS Policy and Board authorisers. The access to each data mart/information tool has an expiry date clearly shown in the Expire field (view below) and access will be removed on that date unless authorisation is renewed. You will be notified by an email six weeks prior to the expiry date and a reminder email is sent two weeks before access is due to expire. If you take no action to review your access then access will be removed on the expiry date.

Request Review To view current access and request a review of access select the ‘Edit’ button, which will open up the renewal form. Consultation regarding the review/renewal should be carried out with your line manager and the appropriate date of the discussion inserted. The access reason will also have to be confirmed prior to submission.

Once complete, ‘Submit to Authoriser’ should be selected. A confirmation message will appear and once confirmed the request will be sent to your authoriser to consider your request to renew your access.

13 | P a g e                                                                                                                       V e r s i o n   1 . 0   

If you have not submitted a renewal request, a further email warning regarding the expiry of access will be generated two weeks prior to expiry. NB - It is possible for users to simultaneously request a review of access and a change in access for example: a change to confidentiality level. Automatic removal of access If access is not renewed then the access will automatically be removed by the UAS on the expiry date. A user will be required to submit a new request if access is still required to a data mart or information tool.  Change in Access  By selecting the ‘Request a Change to Access’ button from the menu you can request a change in access at any time. Depending on the data mart, the changes can be regarding User Type, Consumer or Power or to access levels - Confidential or Non Confidential. Refer above to ‘Request Review/Renewal of Access’ for details of reviewing access and changing access simultaneously.

14 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Part 2: Authoriser Guide  

Overview All applications to access NSS data marts and information tools must be carefully considered and scrutinised by appropriate authorisers. In most cases, it will be the requesters’ NHS Board Caldicott Guardian or a person nominated by them as being a suitable delegate. There is no requirement for a Board Caldicott Guardian to nominate a delegate but the option is available. In the case of GP Practice level access requests to PRISMS and SPARRAonline these authorisation requests are carried out by the GP Principal for the practice or their deputies. Prior to the User Access System (UAS) becoming operational an exercise was carried out to identify relevant authorisers and where appropriate a deputy or secondary authoriser. NB – It is important to remember that an authoriser may also be a user of data marts or information tools. In this section we will focus on the role that is specific to the authoriser – i.e. considering requests for access. For those authorisers who are also users of data marts please refer to Part 1: User Guide for details of how to request access, etc. It is worth noting that if you an authoriser and you request access to one of the data marts or information tools, your request will be directed to the secondary authoriser in your organisation. Authorisers will be informed of requests for access submitted via UAS requiring their attention by means of an auto-generated email. In cases where an authoriser is Out of Office and a secondary authoriser is available then the email will be directed to the secondary authoriser. The auto-generated email will contain a link to the UAS system. Please note: access to the UAS can only made via a computer with a secure NHS network N3 link. Home Screen & Menu

The authoriser will be presented with the Home screen and to the left the menu. This menu is similar to the menu viewed by the general user but contains an additional three options:

Applications for Consideration Audit reports Set Out of Office

 

 

15 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Authorisation Process Applications for Consideration  Selecting this webpage will display a row of tabs:

New Requests New requests that require consideration Changed Requests Any current access requests that are requesting a change in current access. Dependant on the data mart:

access level user type confidentiality

Renewal Requests UAS will auto-administer 6-monthly or annual reviews of access (dependant on the data mart).

Resubmitted Rejected Requests where access has been rejected but have been resubmitted for further consideration. Viewing the Request

The request can be viewed by selecting the button. Then a new window will open showing the detail of the application.

16 | P a g e                                                                                                                       V e r s i o n   1 . 0   

User Request The ‘Authorise Access’ screen shows fields to allow the Authoriser to: Authorise the application Reject the application Make notes regarding the application

 

NB – In the Authorise Access screen the line manager’s details will be visible - there may be instances when the authoriser would like to contact the users Line Manager. Notes Section The notes section was created to enable Authorisers to make individual notes regarding each application, to  record discussions or decisions regarding an application and also to record the details of a rejected or re-submitted application to assist future decisions. Select the Create button pictured above, to open the textbox pictured below.

Text can be entered and then the ‘Create’ button should be selected again to save the note within the application — as shown above.

17 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Authorise Access  

Selecting the button will allow immediate access to the specified data mart and will generate an email to the applicant advising them access has been granted.

Reject Access

If the access request is to be rejected then select the button. This action will open up a box with a list of reasons – please select the most appropriate to the reject reason or select Other and insert details into the free text box. If an application is rejected, it is also recommended that the Notes section of the application is used to record details. See above. Re-submitted Access Requests  If a request is rejected by the authoriser, the requestor/applicant has the ability to resubmit the original request or amend it. For example, reduce the level of access requested and then resubmit. In such cases, the authoriser would be notified by email of the resubmission and the request would be found via the ‘Resubmitted Rejected Requests’ tab. This will show details of any resubmitted requests, which can then be processed in the same way as an initial request.

 

18 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Changed Requests  At any time you may request a change in your type of access. These changes may relate to access level, confidentiality level or user type, depending on the individual needs in relation to their role. These requests will be reported to your authoriser by email. To find a Change Request: Select the Requests for Consideration screen, then Select the ‘Changed Requests’ tab. This will show details of any change requests. Review of Access  All authorised requests are subject to a regular review of access. The timescale of this renewal of access is subject to the specified data mart or information tool – and will be at either 6-month or annual intervals. The UAS administers this renewal process automatically sending you an email six weeks prior to access expiry and again two weeks before access expiry. This allows you and your authoriser sufficient time to submit and deal with the renewal request. Authorisers will be advised by email of the renewal request requiring attention. The authoriser can consider the access request/renewal within the UAS via the ‘Authorise Requests’ button. Select the Renewal tab - which shows details of any renewal requests

If an authoriser takes no action, then emails are generated issuing a reminder at regular intervals.

If an authoriser knows they will not be available for a period of time, then the out of office functionality should be used. This will divert new requests to the secondary authorisers or in cases where there is no secondary authoriser then the user will be advised of the delay and notified of the expected return date.

Note - If a request is not renewed by the specified date then access will be removed. Audit Reports  

UAS has functionality for authorisers to view a number of audit reports. Access is via the Audit Reports link within the left-hand Menu. Enquiries regarding the Audit Reports should be made to: NSS Product Support Helpdesk on 0131 275 7050. Set Out of Office  

If an authoriser decides to set the out of office function and a secondary authoriser has previously been identified, then the UAS will divert all new requests, renewals and change applications will be diverted to the secondary authoriser until the out of office period elapses. Primary and secondary authorisers should set their out of office when unavailable and the UAS will divert requests accordingly. In the rare occasion that all authorisers are unavailable, the Product Support team will be alerted so they are able to assist. To set the out of office function, authorisers should:

19 | P a g e                                                                                                                       V e r s i o n   1 . 0   

Select the ‘set out of office’ button - which will open a new window showing the list of data marts/tools they authoriser. In the image below the Authoriser is showing as being available (2nd column), availability is signified by the letter Y (Yes).

Each data mart has a pen and paper icon (circled above), clicking the icon brings up a window where the Authoriser can select that they are unavailable and specify using the calendar, the date of return.

Once saved, Authoriser status will change. Contact Details

   This button will show you the current details recorded in the UAS in relation to your account. These account details cannot be changed in UAS any changes required should be done via communication with the NSS Customer Support Desk nss.csd@nhs.net 0131 275 7777.

20 | P a g e                                                                                                                       V e r s i o n   1 . 0   

List Data Mart & Information Tools A user may apply for access, change of access or renewal of access for anyone of these Data marts or information via the User Access System. Data Mart

Accident and Emergency ( A&E 2)

Accident and Emergency Comparative

ACaDMe (Acute, Cancer, Deaths and Mental Health)

ACaDMe Comparative

Antimicrobial Management Integrated Database for Scotland (AMIDS)

Hospital Medicines Utilisation Database (HMUD)

Navigator

National Theatres Implementation Group (NTIG)

Outpatients

Outpatients Comparative

Prescribing Information System (PIS)

PRISMS

SPARRA Online

Waiting Times