Revalidation - Access & Permissions

Owned by ify.onyenokweorhiunu (Unlicensed)
Last updated: 21 May 2024 by Adewale Adekoya
2 min read

Assumptions

Revalidation will act as a proof of concept for the new user management process & permissions model to be rolled out across TIS.

Note: A revalidation admin user shall only be given just one role.

Implemented Reval Roles

Role name

Reval Permissions

TIS Function

Location

Comments

Role name

Reval Permissions

TIS Function

Location

Comments

Old: RevalSiteAdmin

New: HEE User Admin (existing role)

  • manage users / permissions

All functions

All local offices / designated bodies

  • For TIS team & Support teams

HEE Admin Revalidation

  • Login

  • Login

 

Without this Role, No access to reval.

Something TIS team to look into.

Old: RevalSuperAdmin

New: Not required as it’s a combination of HEE User Admin and Reval Approver.

  • Manage users / permissions

  • read

  • write

  • approve

  • submit*

All functions

All local offices / designated bodies

  • For Senior HEE admins / RO

  • approval relates to other Admin actions as part of workflow

  • submit relevant for sharing data beyond TIS

Old: RevalTISAdmin1

New: Reval Approver

  • read

  • write

  • approve

  • submit*

Single function i.e. Revalidation

Single local office / designated body - can be multiple (London)

  • For HEE admins

  • approval relates to other Admin actions as part of workflow

  • submit relevant for sharing data beyond TIS

  • Append user role with relevant section of TIS i.e. TISAdmin1_Reval

  • Possible to add multiple functions (by adding additional role)

  • Possible to add multiple locations

Old: RevalTISAdmin2

New: Reval Admin

  • read

  • write

Single function i.e. Revalidation

Single local office designated body - can be multiple

  • For HEE admins

  • Append user role with relevant section of TIS i.e. TISAdmin2_Reval

  • Possible to add multiple functions (by adding additional role)

  • Possible to add multiple locations

Old: RevalTISAdmin3

New: Reval Observer

  • read only

Single function i.e. Revalidation

Single local office designated body - can be multiple

  • For HEE admins

  • Append user role with relevant section of TIS i.e. TISAdmin3_Reval

  • Possible to add multiple functions (by adding additional role)

  • Possible to add multiple locations

  • Role appears redundant currently as HEE Admin Revalidation is required to login and provides read only access

RevalTrust - out of scope for Revalidation

  • read only

TBC

Single local office

  • non-HEE users

  • no requirement for HEE email address

  • password reminders required every <XX period>

 

@Alistair Pringle (Unlicensed) @Adewale Adekoya @Ashley Ransoo can you please review the above and confirm that it would work for other areas of TIS (non-Trainee related)

Note that interactions are defined per area in the relevant confluence page.

 

User Management & Permissions Model DRAFT

The below illustrates the overall user management model to be implemented.

 

Data Flow Diagram DRAFT

 

User Flows DRAFT

<PROCESS FLOW TBC>

 

Permissions Management - request & update flow DRAFT

In order to request and update permissions and roles, this process illustrates what needs to be included.

 

 

@Alistair Pringle (Unlicensed) @Adewale Adekoya @Ashley Ransoo can you please review the above and confirm that it works for you?

Slack: https://hee-nhs-tis.slack.com/
Jira issues: https://hee-tis.atlassian.net/issues/?filter=14213