SOP: Creating New Roles


This procedure should be used when a new classification of user within the SanteDB system (an access role) is desired. Access roles are used to control which system functions and data access is granted or denied to a user.

Use Procedure When

  • A new user classification is required
  • An existing group does not (or can not) fulfill the same purpose
  • When further, restrictive control is required for individual user accounts


Before Beginning

  • Approvals to create a new role gathered
  • Role has been documented and initial members list established
  • Familiarize yourself with the Security Architecture
  • Your user account has the Create Roles policy granted
  • Necessary, context specific approvals and conventions
    • Include things like signatures required
    • Or whether the incident needs to be documented
    • Your IT department should have common security practices in place

Procedures / Tasks

  1. 1.
    Access the SanteDB Administrative Portal byLogging In
  2. 2.
    Access the Security Administration menu item
  3. 3.
    Access the Group List by clicking groups clicking Create
  4. 4.
    Create the group as documented in Creating Groups
    1. 1.
      The name of the group should comply to conventions
    2. 2.
      The name should be unique within the organization/project
  5. 5.
    Assign the appropriate access policies to match documented group function (as documented in Assigning Policies)
  6. 6.
    Assign the desired role membership (those for which appropriate documentation has been gathered) . (see: Assigning Users)

After Completion

  • Notify the requestor and group members of their access
  • Close work item in ticketing system (or related documentation for completion)

Summary Information

Current Status: Sample Reviewed By: SanteSuite Team

Revision History

Justin Fyfe (SanteSuite)
Initial Version

See Also