User Access

The user access security system accommodates complex organizational hierarchies for multi-national insurance companies and simple organizational hierarchies for single-office insurance companies. This security system offers flexible control over features and data available to users.

At the heart of the application security is a group of user rights that the system uses to monitor access to system features.  These user rights are specific to insurers, brokers, assureds, third parties and settling agents and are designated as either administrative or policy-related.

Administrative Scope

Administrative user rights give users access to application features related to data within their administrative scope.  In a multi-level organizational hierarchy with regions, divisions, branches. Each user is attached to a specific office in the hierarchy.

An administrative scope is defined by an administrative type:

• Users designated as Company Administrators have access to all data attached to any office within the organizational hierarchy.
• Users designated as Local Administrators have access to all data attached to the their office or to any subsidiary office (i.e. an office beneath the user’s office in the organizational hierarchy).
• Users designated as Power Users have access only to data attached to their own office.
• Users designate as Private Users only have access to data that they entered themselves.

Policy User Rights (Policy Groups)

Broker or underwriter users can have security rights for a hierarchy-independent, company-defined collection of policies. This collection of polices is called a Policy Group.  Policy groups are set up to reflect an interoffice hierarchy or an organization-wide policy grouping methodology.  If users have a security right for a specific policy group, then they have access to the feature specified by the security right for all policies attached to the policy group, regardless of which office in the organization is directly responsible for the policy.

The combination of administrative and policy-related security rights offers flexibility in managing access security.  For example, policy groups can be established for different teams within an insurer organization; most security rights granted to operations staff is based on the user’s team.  A company claims manager, however, can be granted the right to manage claims for all policy groups. Branch office accounting clerks can have the right to manage invoices and payments for all policies issued by their office only.  Senior managers at head office can have the right to report on all policies issued by any office within the organization. Assured users may only be given administrative rights.

Policy-related Security Rights and Broker / Underwriter Collaboration

Insurance policies in the system are underwritten by one or more insurance company offices, brokered by one or more broker offices, and made available to one or more assured offices or third parties (for example, freight forwarders).  Policy-related security rights, which work in conjunction with user security rights to determine access, are granted to specific offices. When a user creates a policy in the system, the office of this user - the creator office- is  attached permanently to the policy. As a result, all policy-related security rights are automatically granted to the creator office.  Other offices from other organizations that are attached to the policy may be granted different policy-related security rights by the creator.

Organizations can request certain policy-related security rights whenever any of their offices are attached to a policy. For example, an insurance company can specify that it always must have the right to confirm a policy.  Different rules may be established for each broker / underwriter association created in the system.

Licensee Site Security

The system allows each customer to host multiple licensee Web sites. Individual brokers, insurance companies, assureds and third parties can offer their users access through differentiated Web site portals.  The system’s system administrators give each licensee Web site administrative and policy-related security rights. These rights control the features available on the licensee Web site. For example, a system administrator can give a Web site a security right for recording declarations but not claims.

Note: To view a chart of all security rights, go to Security Rights.