When you manually assign a permission to a user, it is helpful to document the reason for the assignment. The system provides a dedicated comment field for each permission for this purpose.
For example, a comment can explain why a user has access to a specific system, such as a patient record.
Who can edit and view comments?
The access level for comments is straightforward:
-
Editing: The comment can be edited by any administrator who has the authority to grant or revoke the user's permission.
-
Viewing: The comment is visible to anyone who can view, edit, or delete the user's permissions. This includes the user themselves.
Using comments in message flows
You can dynamically include the permission comment in automated message flows.
To do this, insert the following variable into your message template:
[OBJECTPERMISSION; Comment; SystemRoleId; <ID of the permission>]
Note: Remember to replace <ID of the permission> with the actual ID of the permission you want to reference.