Atlas access and security is controlled through the use of system roles. Users are assigned to a set of roles that provide access to the data and features required to perform their job tasks. Some roles grant broad access that cross multiple areas of Atlas, such as Base View and Affiliate Admin. Other roles control access to very specific features, such as MRN Access and Appeal Admin.
All users will be assigned to one and only one of the following base roles:
- Base View – Most common base role
- IPC Base – BWH IPC users
- Affiliate Admin and Affiliate Manager – The few users who require “full affiliate access” to Atlas; only MGB users will have full access to Atlas (system administrator)
Descriptions of each role are included in the following tables:
View Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Base View | View most constituent details, tiles, planning calendar, appeals, revenue, events, designations, purposes, campaigns, naming opportunities, Development Workspace | All users will have Base View, IPC Base (BWH only), Affiliate Admin, or Affiliate Manager. |
| Epic Confidential Visits View | Access to confidential patient data including: *Patient records that are flagged as confidential on the Patient tab of constituents *The "Epic patient visits - restricted" query view *Patient records on constituents with the Staff constituency *UPDATES PLANNED FOR Q4CY20: Refer to details here: http://phdevdoc.wpengine.com/encyclopedia/patient-patient-detail/ | Must also have Patient View |
| Interaction View | View constituent interactions. | |
| Patient View | View patient data | |
| Prospect View | View the Prospect and Fundraiser tab on constituents, fundraising plan details | |
| Wealth and Ratings View | View wealth and ratings area | |
| Client Services Restricted | Denies access to interaction notes of specific notes types (for MGH, denied note types include Client Services Consultation Detail and Client Services Contact Detail) |
Constituent Management Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Constituent Staff | Manage constituent details including Fundraiser constituency, contact details (except address), personal info, interests, event restrictions, relationships, prospect status, flag prospect, communication preferences, educational history; can also review event invitee list, add research requests, manage group members | |
| Constituent Admin | Manage Constituent data integrity workspace, add/remove spouses, manage constituencies and alternate lookup IDs, decease and inactivate constituents | Must also have Constituent Staff |
| Constituent Add | Add individual and organization records; will be assigned with sites for BWH users | |
| Group Admin | Add group/committee records | |
| Interaction Management | Add, edit, delete constituent interactions; interactions will be site-secured for BWH | Must also have Interaction View. |
| Address Admin | Add/edit/delete constituent addresses | |
| MRN Access | Access to alternate lookup IDs with MRNs | |
| Alternate Lookup ID Admin | Manage alternate lookup IDs on constituents | |
| Name Format Admin | Manage name formats | |
| Constituent Attributes Admin | Manage constituent attributes on constituent records | |
| Constituent Merge | Run constituent merge processes, merge 2 constituents on an ad-hoc basis | |
| Constituent Delete | Delete constituent records | |
| Constituent Documentation | Manage Constituent Documentation for individual and group constituents | |
| Constituent Audit | Access the Constituent history tab |
Gift Processing Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Gift Processing | Add/update revenue via batch; manage revenue, tributes, recognition defaults, appeals, matching gifts, benefits, receipts; run credit cards, BrightVine Data Loader | Must also have Batch and Import and Gift Support. |
| Revenue Adjustments | Adjust payments and pledges | Must also have Gift Processing |
| Gift Processing Manager | Run post to GL, global pledge write-off, recurring gift status processes; add and update purpose and designation records; general ledger setup | Must also have Gift Processing. |
| Gift Processing Reporting | Run Gift processing related reports. May be assigned to non-development staff (e.g., finance staff) without other roles except Base view | |
| Gift Support | Add/Edit/Delete revenue attributes, solicitors, documents, recognition credits, campaigns, and business units |
Prospect Management & Research Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Prospect Staff | Manage fundraising and stewardship plans, prospect status, flag prospect, opportunities, contact reports, prospect teams, funding interests, research requests, referrals; access to My Fundraiser Page, FROG; add research requests | Must also have Prospect View |
| Prospect Admin | Assign prospects in bulk, manage prospects in bulk, Fundraising Teams Management | Must also have Prospect Staff |
| Prospect Assignment | Assign/unassign prospect managers, access Manage prospect assignment requests area | Must also have Prospect Staff |
| Research | Manage Wealth and ratings data, wealth screenings, research lists, research tools; access My prospect research page; manage educational institutions in the Educational Catalog | Must also have Prospect Staff |
| Research Request Cancel/Delete | Cancel & delete research requests, including prospect assignment and stewardship report requests | |
| Planned Giving | Manage planned gifts, add planned gifts as revenue | |
| Constituent Mapping | Access to constituent mapping, manage mapping instances | |
| Opportunity Revenue | Link existing revenue to opportunities | Must also have Prospect Staff |
| Solicitor Goal | View solicitor goals tab | |
| Mailing List Admin | Enable Mailing list review via My Fundraiser | Must also have Prospect Staff |
Stewardship Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Stewardship Staff | Manage custom acknowledgements and stewardship report requests | |
| Stewardship Manager | Manage stewardship plans and naming opportunities; manage specific purpose details including Financial Info, Recipients, Naming opportunities, Stewardship, Documentation, and Goals | |
| Recognition Program Membership | Manage recognition program membership | |
| Interaction Revenue | Link existing revenue to interactions | Must also have Interactions |
| Purpose Attributes | Manage attributes on purposes |
Event Management Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Event Manager | Add events, event management templates, locations, registration types, restrictions types; manage event coordinators and tasks, fundraising teams, speakers, expenses, registration options, event preferences | |
| Event Seating | Assign seats | |
| Event Attendance | Manage RSVPs and waitlists; update attendance status per invitee; event registrant batch entry; view benefits | Must also have Batch and Import |
| Event Invitation Admin | Add and process event invitations |
Marketing & Communication Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Direct Marketing | Manage marketing efforts, segments, packages, seeds, vendors, donor challenges; view source codes | |
| General Correspondence | Manage general correspondence processes and correspondence codes | |
| Revenue Communications | Manage revenue communication processes including acknowledgements and reminders | |
| Ad-hoc Communications | Add ad-hoc general correspondence and appeals on a constituent's Communications tab |
Other Admin & Miscellaneous Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Affiliate Admin | Full system access EXCLUDING: *Page designer and shell design *Add attribute categories *Manage revenue and recognition reporting filters *Run Data Warehouse processes *Schedule business processes *Maintain system roles *Add application users Affiliate Admins can manage roles assignments on existing users. | Epic Confidential Visits is the only other role that might be required for users with Affiliate Admin |
| Affiliate Manager | Full system access EXCLUDING the features listed for Affiliate Admin as well as these unused features: *Treasury *Web *Foundations *Auction Events *Membership *Appeal Mailings | Epic Confidential Visits is the only other role that might be required for users with Affiliate Manager |
| Appeal Admin | Add appeals | |
| Batch and Import | Access batch entry and import tasks; specific batch types are granted through other roles | |
| Query and Export | Access the Information library, queries, and KPIs; manage export processes; query source views are granted through other roles | |
| Campaign Manager | Add and manage campaign records | |
| Volunteer Manager | Full access to the Volunteers functional area | |
| Grant Manager | Full access to the Foundations functional area minus Credit rules setup | |
| Outlook Integration | Standard role included with BrightVine Outlook Integration | |
| Global Changes | Add and manage global changes. Global change instances that should not be accessed by non-Affiliate Admins should be restricted to the Affiliate Admin role. Refer to http://phdevdoc.wpengine.com/encyclopedia/security-administration-tips-gotchas/#business_process for more details. | |
| Smart Query Definitions | Add new smart query definitions based on ad-hoc queries | |
| IPC Base | Access to view and manage: *Contact details *Alternate lookup IDs including MRNs *Aliases *Relationships *Selections (view only) | IPC users will also require Interactions, Patient View, Epic Confidential Visits, and Constituent Add |
| User Manager | Add, edit, and inactivate application users. This role will only be used by MGB users who are not System Administrators. Affiliate users will not be able to add application users even if they are assigned to this role because specific features have been denied in the Affiliate Admin, Base View, and IPC Base roles. |
Atlas Portal Roles
| Role | Description | Dependencies & Related Roles |
|---|---|---|
| Portal Admin | Access all Atlas Portal tabs and the Atlas ID Identification Processes. | |
| Portal User | Can assign Partners ID to constituents and access the Atlas ID Identification review page. | Portal View |
| Portal View | Can view all Atlas Portal tabs and search for constituents across database. | Can only search databases where they already a User record. |