The Epic training team is currently in the middle of completing the 2024 Epic Access Audit. There are over 6000 staff members whose Epic access needs to be validated but what are we checking, and why do we do this?
Each year we ask managers/admins to review what security templates and subtemplates that staff have within Epic – there are hundreds of different Epic security templates and subtemplates. Each template gives staff a different level of access within the system and is based on your role within the institute. That is why your Epic screen might look different than the person next to you. A subtemplate overrides a security point within that template to either grant the staff additional access or limit their access. For example, if you are a physician assistant you receive the Physician Assistant – Ambulatory and/or Inpatient template plus an LOS subtemplate that gives you the correct levels of service for billing.
When a new staff member starts, their manager selects which role they need on Epic Access Request form. Most clinical roles require additional checks to ensure the new staff member has the proper job title and licensing for the role that was selected. Then the appropriate training is assigned, and once completed, the staff member is given the Epic security template that is linked to that role and training track. It’s straightforward if the access request is for a new hire who hasn’t worked at DFCI, or a MGB site, before. However, nothing is straightforward anymore, especially since the pandemic. Staff transfer departments, help on projects/coverage that might require additional Epic access in the interim, etc. Perhaps it was determined that all staff in the department need an additional subtemplate but the new hire didn’t get it. That is why once a year we ask managers to validate that staff have the correct Epic access for their current role – nothing more than they need and nothing less. It is important that staff only have the access that they need to complete their current job. If they have additional access from a previous role, are missing access that they need, or if you are unsure what each templates grants, then the Epic Training team can assist.