The Security and Permissions topics include information about the security options that affect a Worker’s access to client data and features in Penelope. The information in these topics is limited to security options that affect Workers after they successfully log in to Penelope — specifically, those settings that can be found on the System Administration side of Penelope in the Security > Settings and Class Setup tabs. These topics do not include information or suggestions regarding your organization’s own security policies nor does it review the authentication of user access to the database (i.e. logging into Penelope). For information about authentication options in Penelope, please review the Authentication section.
About Security in Penelope
There are four security components in Penelope:
General Security Settings
User Groups
Security Classes
Report Security Classes
These components work together to affect the features and type of data a Worker can access and modify in Penelope. Below, you’ll find an overview of the four security components with links to additional detailed information for each component.
General Security Settings
General Security Settings are high-level security settings in Penelope that affect general access to information. These settings are found in the System Administration side of Penelope on the Security > Settings page. The settings you choose on this page affect the whole of your Penelope database rather than being configured on a per-Worker basis.
Configured settings applicable to: All Penelope users
User Groups
A User Group is a predefined set of permissions that define how a Worker interacts with Penelope and the type of work they do; for example, does the Worker manage a case load of clients; does she supervise other staff; does he need access to configure the database?
There are five User Groups in Penelope each with a unique home page and default permissions regarding access to features and client records.
Intake-Mgmt and Clinical Workers can be assigned to clients and will see their Case Load as their homepage while Admin-Exec and Volunteer will be able to perform more administrative functions and see their schedule as their homepage. Sys Admin is a special User Group which provides access to most of the configuration functions in Penelope.
User Groups are core functionality of Penelope and cannot be altered. Security Classes can be created and applied to specific users above and beyond their assigned User Group.
Security Classes
Security Classes, used in combination with User Groups, are a customizable function you can use to restrict or grant access to features and client information in Penelope.
While the User Group defines the base level of permissions and interaction with Penelope, Security Class settings affect which specific screens, features and client information staff will have access to.
You can create an unlimited number of Security Classes for your agency, and you can design the Security Classes around job function, teams, etc.
Configured settings applicable to: Workers assigned to the Security Class
Report Security Classes
Report Security Classes affect which reports Workers have access to in Penelope. The default Report Security Classes (corresponding to User Groups) cannot be modified; however, an unlimited number of custom Report Security Classes can be created.
Configured settings applicable to: Workers assigned to the Report Security Class.