Description of the Security Management System

The Security Management System (SMS) allows state and local facilities to grant access to secure OMH applications.

The SMS reduces the time it takes to add and remove users and expand or reduce users' access to sensitive data. It also allows Security Managers to reset passwords.

How to gain access to SMS:

1. Facility Director selects a Security Manager to oversee SMS.
2. Director contacts OMH Security Group to request a ‘security manager’ email.
3. The Security Group sends the email to Director – Director then forwards to designated Security Manager.
4. Security manager uses information in the email to Self-Register for SMS.
5. OMH receives registration and reviews for approval.
6. UserID and SecureID token to logon is issued to the Security Manager.

What is a Security Manager?

1. Knows who should and should not be granted access at the facility.
2. Makes sure their staff’s access is correct and updated on a regular basis.
3. Adds & Deactivates users.
4. Acts as point of contact at facility for Users seeking access to OMH applications.
5. Resets users’ passwords.
6. The only one at your facility who has access to use SMS.
7. Should be familiar with facility policies for handling confidential information (Visit our HIPPA page for more information).

How is SMS used for the Patient Characteristics Survey (PCS) application?

Security Managers add and remove PCS application users and determines their level of access (security group).

Example:

• The Security Manager may give persons A and B the ability to submit and view data for service recipients of unit 101 (Submitter).
• They may give person C the ability to submit data for service recipients of unit 102 (Submitter).
• They may give person D the supervisory authority to submit, view or download client data for all units (Supervisor).

Security Group Definitions:

• Submitter – A person assigned to enter/edit data and view/print reports in the PCS application for their units or sites.
• Supervisor – Supervisors may perform all functions of a Submitter for every unit throughout the facility. They may also download the facility's data file.

Comments or questions about the information on this page can be directed to the OMH Helpdesk.