User Security & Access Control in AllMed PM

User Security & Access Control in AllMed PM

(HIPAA Compliance, User Roles, and Permissions)

HIPAA regulations require that every individual who accesses patient data have their own unique user name and password. Shared logins are not permitted.

AllMed PM is designed to fully support HIPAA compliance by allowing you to:

  • Create individual user accounts

  • Assign granular access rights

  • Restrict provider and patient visibility

  • Track responsibility by user

Important HIPAA Requirement

You must delete or modify the default user account and create unique credentials for every user who will access the system.

Each user must have:

  • Their own Login ID

  • Their own Password

  • Only the permissions necessary for their role

Program Administrator (Super User)

The first user created should be the Program Administrator, also referred to as the Super User.

In small offices, this is often the owner or office manager.

Super User Responsibilities

A Super User can:

  • Create, edit, and delete users

  • Reset usernames and passwords

  • Grant or revoke user permissions

  • Control access to Security settings

  • Lock users out of the system

  • Access all providers and all data

⚠️ Super User access should be limited to trusted individuals only.

Accessing User Setup

  1. From the Top Navigation Menu, click Security

  2. Select Users

  3. Locate the default Demo user (this is the original master account)

  4. Click Edit to open Edit User Info and Rights

Editing or Creating a User

User Information

Enter the following:

  • Last Name

  • First Name

  • Middle Initial (optional)

  • Login ID

  • Password

The username and password should be known only to the individual user.

Assigning User Rights

Each user’s access is controlled by selecting specific permission checkboxes.

Common Permission Categories

Claims

  • Edit Data

  • Delete Data

Patient Data

  • Edit Data

  • Delete Data

Pay & Adjust

  • Edit Data

  • Delete Data

Statements

RCM

Schedule

  • Edit Data

  • Delete Data

Setup

Run Reports

Super User & Security Access

For Program Administrators:

  • Check Super User

  • Check Access Security

Access Security Allows:

  • Adding, editing, and deleting users

  • Locking users out of the system

  • Full control over all records

  • Running all reports

  • Modifying security-related settings

Access Security can only be granted by an existing Super User.

Provider Access Control

Each user can be limited to specific providers.

Available Provider Options

  • All Providers
    Full access to all providers and their patients
    (Recommended for Program Administrators)

  • Selected Providers
    Limits the user to only selected providers and their patient data

This ensures:

  • Staff only see what they are authorized to see

  • Cleaner workflows

  • Better compliance and accountability

Best Practices for User Security

  • Never share login credentials

  • Remove access immediately when an employee leaves

  • Limit Super User access

  • Assign only the permissions required for each role

  • Review user access periodically

Key Takeaway

User Security in AllMed PM is not just a setup task — it is a HIPAA compliance requirement.

Properly configured user accounts:

  • Protect patient data

  • Reduce liability

  • Improve accountability

  • Keep your practice compliant


    • Related Articles

    • Understanding Reports, Lists, and Security Rights in AllMed PM

      AllMed PM is designed around functional groupings. Once you understand how these groups are organized, you can quickly find reports, control user access, and troubleshoot issues without guessing. This article explains: How reports are grouped What ...

    • Procedure Codes in AllMed PM

      Setup, Shortcuts, Pricing, and Advanced Real-World Uses Procedure Codes in AllMed PM are far more powerful than a basic CPT list. They are the backbone of fast claim entry, flexible pricing, patient-only billing, and advanced workflows that many ...

    • CMS-1500 & UB-04 Claim Controls in AllMed PM

      (CMS-1500 and UB-04 Claim Behavior & Printing Controls) The Insurance Options section in AllMed PM is one of the most powerful — and least documented — areas of the system. These options control how claims print, what data appears in specific boxes, ...

    • System Options in AllMed PM

      (Core Settings That Control How the System Behaves) The System Options area in AllMed PM controls how claims are created, validated, printed, and managed behind the scenes. These settings affect every user, every claim, and every workflow, so they ...

    • Insurance Options in AllMed PM

      CMS-1500 & UB-04 Claim Controls (Complete Reference) AllMed PM provides insurance-level configuration options that control how claims print, transmit electronically, and comply with payer-specific requirements. These settings are one of the most ...