ComeoCare can run in different modes, stand-alone, linked to an Active Directory or hybrid. If ComeoCare is linked to an Active Directory, the IT service of the hospital can define a group containing all allowed ComeoCare users.
Only people belonging to this AD group will then be allowed access to ComeoCare. The fine grained security for these users can then be set using the ComeoCare authorization mechanism.
The users can then log on using their credentials – in case of AD links, the username and password is the same as the windows credentials. If needed, single-sign-on can be activated. In this case, no logon screen is displayed, and the users are identified automatically using their windows credentials.
You can define different groups and assign the users to these groups. ComeoCare has 4 pre-defined roles:
For each of the defined groups, the administrator can also assign the fine grained permissions.