Note: If a user is granted activity access for a certain entity type (for example, the Activities right under Insured Clients > Insured Clients), all access granted in the General > Activities section transfers to that entity type's activity list. The reverse is also true: if you wish for the user to work on activities for insured clients, you must make sure the Activities right under Insured Clients > Insured Clients is granted in addition to the desired rights listed below. Otherwise, the user will not be able to access an insured client's activity list, regardless of being granted the View right in the General > Activities area.
Note: Activities are separated into different access levels, which are defined under Configure > Activity > Access Levels. Activity note access for the different levels is granted in this area, through separate security rights (e.g. Note Access: Management).
| Permission | Enables | Implications | Related |
| Access the activity lists for all applicable entities (see notes preceding this table). View the activity detail for any activity that displays on the Home screen. | Because activity follow-up actions are so crucial, it is recommended to grant this right universally. If a user's activity viewing rights should be restricted, you should instead restrict that user's access to activity notes for certain levels or deny that user the right to access activities for certain entity types (see notes preceding this table). | ||
| Manually add an activity (users without this right may still add activities triggered by system events). | It is recommended to grant this right universally, so that all users are able to manually enter activities for documentation purposes or follow-up reminders. Any unnecessary activities can be closed. | ||
| Edit activity detail. | You may wish to restrict this right in order to preserve consistency in activity descriptions and to prevent users from reassigning activities. If you deny a user this right, you can still allow the user to perform certain key actions on an activity (see Related column). However, denying this right means the user will be unable to add new tasks to an activity, or to change the status of a task as it progresses. | This right does not enable the user to add a note to an activity or to close or reopen it. Those actions are covered by separate security rights in this area. | |
| Use the Close action available from the Activities list. | Because it is necessary to ensure that all follow-up actions are completed, you may want to restrict this right to personnel in certain roles. | ||
| Use the Reopen action available from the Activities list. | |||
| View activity notes for this particular access level (see notes preceding this table). | If a user is denied note access for a certain access level,
those notes will not be visible to the user from any areas of
the system. This includes the Notes list and the output of any
reports run by the user.
Keep in mind that users may set a User Default for the access level of the notes that they add. They are able to override this when adding notes, but if they select a non-public access level, they may not realize that users with restricted rights will be unaware of the notes' existence. |
This right enables the user to view activity notes for a given access level, but not to change their access level. The Change Access Level option is controlled by a separate security right in this area. | |
| Use the Add a Note action available from the Activities list. | Because of the permanence of activity notes, you may wish to restrict users' rights to add them. Denying this right, however, makes it impossible for a user to document detailed information on an activity. | ||
| Use the Change Further Actions action available from activity detail. | The default further actions are established in the activity code configuration and are based on brokerage procedures. Therefore, it would be advisable to limit this right to the users who are granted the Edit Codes right under Configure > Activities. | ||
| Use the Change Access Level option available when you right click an activity in the Activities list or add a note using the Add button in Activity Detail. | This right enables the user to add notes to Activity Detail, but not to close or reopen the activity. Those actions are covered by separate security rights in this area. | ||
Activity Note – Show All Access Levels When Adding Notes |
View activity notes for all access levels (see notes preceding this table). | A user with this right has access to all activity notes in any area of the system (including the Notes list and the output of any reports the user runs). This means that this right overrides any restrictions in place for the user at specific activity note access levels. For this reason, this permission should be limited. | To change a note’s access level, the user must also be granted. the Change Access Level right under Configure > Activities. |
Note: If a user is granted attachment access for a certain entity type (for example, the Attachments right under Insured Clients > Insured Clients), all access granted in the General > Attachments section transfers to that entity type's attachments list. The reverse is also true: if you wish for the user to work on attachments for insured clients, you must make sure the Attachments right under Insured Clients > Insured Clients is granted in addition to the desired rights listed below. Otherwise, the user will not be able to access an insured client's attachment list, regardless of being granted the View right in the General > Attachments area.
Note: Attachments are separated into different access levels, which are defined under Configure > Attachments > Access Levels. Attachment view, edit, and delete rights for the different non-public access levels are granted in this area, through separate security rights (e.g. Attachment View Access: Financial).
| Permission | Enables | Implications | Related |
| Use the Convert to PDF action to convert one or more existing attachments to a single PDF. | This action can be useful when multiple attachments need to be sent to a client as a single file or when attachments must be in PDF format (for example, when a user performs the Send to eSignature action). For this reason, granting this right to users in servicing roles is recommended. | ||
| Access the attachment lists for all applicable entities (see notes preceding this table). | Because viewing attachments can be crucial to understanding the activity on an account, it is recommended to grant this right universally. If a user's attachment viewing rights should be restricted, you should instead restrict that user's right to view attachments at certain access levels or deny that user the right to access attachments for certain entity types (see notes preceding this table). | ||
| Add an attachment (this includes the right to add a template attachment when creating a proposal or summary of insurance). | While restricting users' rights to add attachments keeps the attachment lists cleaner, it also impedes user productivity. Any user responsible for marketing or servicing accounts should be granted this right. | ||
| Delete attachments that are not system generated and do not have an access level other than Public. | Attachments are never truly deleted from the system; deleting
an attachment simply marks it as Inactive.
Inactive attachments can be accessed by changing the Attachments
list view filter.
This security right is still significant, however, because deleting an attachment means that it no longer displays by default and other users will not be aware that it exists. |
||
| Edit attachments that are not system- generated and do not have an access level other than Public. | Denying users this right helps preserve data integrity. From a policy standpoint, some attachments should be considered editable while some should not. You can use the Edit rights for the separate attachment access levels to enforce these distinctions. | This right should be considered in conjunction with the Replace Original on Edit right under General > Attachments. | |
| Use the Move Attachment action to move an attachment to a different folder, a different account, or a different item on the same account. | This action can be convenient when a user inadvertently associates an attachment to the wrong item (for example, an opportunity instead of a policy) and needs to make a correction. | This right only allows the user to change an attachment’s folder location or its account or item association. To edit an attachment’s contents, the user must also have the Edit Public Attachments right granted. | |
| Delete system-generated attachments with an access level of Public or an access level for which the user has Delete rights. | Attachments are never truly deleted from the system; deleting
an attachment simply marks it as Inactive.
Inactive attachments can be accessed by changing the Attachments
list view filter.
This security right is still significant, however, because deleting an attachment means that it no longer displays by default and other users will not be aware that it exists. It is particularly important to be aware of the system-generated attachments created on a certain day, because these are documents that were generated (and usually distributed) automatically by workflows such as generating invoices or issuing certificates. They therefore serve as an audit trail. |
||
| Use the Replace button when editing an existing Word document from the Attachments list. | When a user replaces an attachment upon editing it, the existing
attachment is classified as Inactive
(see the description of the Delete
Public Attachments right above) and the edited version
replaces it in the list. If the user does not select Replace, the previous version is retained as an active attachment and the edited version is added as a new, separate active attachment. The way that you manage this workflow depends on your brokerage's procedures and how you monitor the attachment history and audit trail. |
In order to access this workflow, the user must also be granted Edit Attachment rights. | |
Add Client Accessibility |
Designate a new attachment as Client Accessible on the Attach To screen | Users who have this right can make attachments temporarily or permanently available to insureds through the Applied CSR24 Client Portal when adding them. The Client Accessible frame is only available for attachments associated to client accounts. | The Client Access frame must also be activated in System Settings. |
View Client Accessibility |
View the Client Access frame in Attachment Details | Users who have this right can view the Client Accessible frame to note whether an attachment is available to the insured through the Applied CSR24 Client Portal, but they cannot make changes to these settings without the Edit Client Accessibility right. The Client Accessible frame is only available for attachments associated to client accounts. | The Client Access frame must also be activated in System Settings. |
Edit Client Accessibility |
Change the Client Accessible selection and/or Expire on date for an existing attachment | Users who have this right can edit the fields in the Client Accessible frame to make an existing attachment available or unavailable to the insured through the Applied CSR24 Client Portal, or change its Expire on date. The Client Accessible frame is only available for attachments associated to client accounts. | In order to access this workflow, the user must also be granted Edit Attachment rights. The Client Access frame must also be activated in System Settings. |
| Use the Reactivate Attachment action to reactivate an inactive attachment. | Users may occasionally delete (i.e. inactivate) attachments in error. Users who have this right granted can restore these deleted attachments to Active status from the Attachments – Inactive list. | ||
| Use the Distribute Attachments or Send via Email action from an entity’s Attachments list. | The Distribute Files action enables you to convert files to PDF and group multiple PDFs into a single file during distribution. Granting this right to servicing personnel streamlines the distribution workflow for them, as they do not have to navigate to the Procedures area to distribute files. |
||
| Use the Send to eSignature action to obtain a client's electronic signature on attachments. | This action can expedite workflows in which a signature is required by capturing the signature electronically, rather than on a hard copy of the document. |
In order to perform this action, the user must also have an account with one of Applied's eSignature partners. For more information on selecting an eSignature partner for your organization, click here. | |
| Use the Policy Checking action to submit documents to Policy Checking for comparison and view Policy Checking Results from the Access menu. | This action expedites the process of checking a policy for accuracy, especially a large commercial policy, by automatically identifying differences between the policy and other selected documents. |
To use Policy Checking, the user must also have an Coupa licence. For more information on obtaining a licence, contact sales@appliedsystems.com. | |
Delete Policy Checking Results |
Delete policy checking results more than 60 days old with a status other than Completed. | Deleting policy checking results permanently removes them from the system. Use caution when granting this right. |
The user must also be granted the Policy Checking right. |
| Designate a new attachment as Do Not Purge and set an Expire on date. | Users who have this right can exclude new attachments from the Purge Attachments utility, whether they add them in the Accounts or Configure area. To ensure that your organization retains or purges only the appropriate attachments, this permission should be limited. | To designate new attachment templates as Do Not Purge, the user must also be granted the Templates right under Configure > Attachment. | |
| Change the Do Not Purge selection and/or Expire on date for an existing attachment. | Users who have this right can exclude existing attachments from the Purge Attachments utility or make excluded attachments eligible for purging (both individual attachments at the account level and default attachments in the Configure area). To ensure that your organization retains or purges only the appropriate attachments, this permission should be limited. | To edit Do Not Purge settings on existing attachment templates, the user must also be granted the Templates right under Configure > Attachment. |
|
| Full access (view and edit) to Configure > Attachment > System Settings | This should be considered in conjunction with user security, as attachment access levels determine which users have access to non-public attachments. Rights to each of the attachment access levels defined in this area are found under General > Attachments. |
| Permission | Enables | Implications | Related |
| Access the Contact list for an account. | The user must also have the necessary security rights to locate the account in order to view the Contact list. The Locate right is assigned separately for each entity type (brokers, companies, employees, finance companies, insured clients, other interests, prospective clients, and vendors). | ||
| Add a contact to an account. | Restricting the number of users who can add contacts helps eliminate record duplication. However, being unable to add a contact on the fly may negatively affect a user's efficiency in servicing an account. | The user must also be granted the View right under General > Contacts. | |
| Delete a contact. | Deleting a contact from the system permanently removes the record; it is not retained in any form. Therefore, you may wish to use some caution in granting this right. Outdated contact records, however, can be misleading and may hinder various workflows that draw information from the Contact list. To ensure these records are removed in an efficient manner, you will need to make sure enough appropriate personnel are granted the ability to delete them. | The user must also be granted the View right under General > Contacts. | |
| Edit contact detail. | The user must also be granted the View right under General
> Contacts.
If the user is not also granted the View Personal Tab and Edit Personal Tab rights, the fields on the Personal tab in contact detail cannot be edited. |
||
| View the Personal tab in contact detail. | Because this tab contains sensitive information, including the contact's date of birth and social security number, it is recommended that you grant this right only to personnel who need to view this information. | The user must also be granted the View right under General
> Contacts.
The Social Security # field is secured by separate security rights which are stored under each individual entity type (brokers, companies, employees, finance companies, insured clients, other interests, prospective clients, and vendors). For example, in order to view the Social Security # field for a contact on a broker account, you would need to be granted the View/Edit Social Security # right under Brokers > Personal Data in addition to the rights granted in the General > Contacts area. |
|
| Edit the Personal tab in the contact detail. | Because this tab contains sensitive information, including the contact's date of birth and social security number, it is recommended that you grant this right only to personnel who need to edit this information. | The user must also be granted the View and Edit rights under
General > Contacts
as well as the View Personal Tab right.
The Social Security # field is secured by separate security rights which are stored under each individual entity type (brokers, companies, employees, finance companies, insured clients, other interests, prospective clients, and vendors). For example, in order to edit the Social Security # field for a contact on a broker account, you would need to be granted the View/Edit Social Security # right under Brokers > Personal Data in addition to the rights granted in the General > Contacts area. |
|
| Edit detail for the contact designated as the Main Business Contact on an account. | The Main Business Contact designation is primarily used for reporting purposes. In the case that an account has a large number of business contacts, this distinguishes the business that relates to the account itself rather than just existing as a contact on the account. | ||
| Access the Import Contacts and Export Contacts actions available from the Contacts list or contact detail. | Because the Import Contacts action may be used to add a large number of contacts to the list, and because an import cannot be undone, you may wish to restrict user access. | This security right grants the user access to the Import Contacts - Batches screen, but in order to add a batch file and complete the import, the user will also need to be granted the Import/Export Contacts - Add and Import/Export Contacts - Edit rights under General > Contacts. | |
| Add an import batch while using the Import Contacts action. | This right is not necessary in order to import an existing contact batch. You may deny this right to users who will be performing imports but should not have the ability to upload new files themselves. | In order to view the created batch and complete the import,
the user will also need to be granted the Import/Export Contacts
- Edit right under General >
Contacts.
The Import/Export Contacts right is necessary in order to access this screen. |
|
| Delete an import batch while using the Import Contacts action. | Deleting batch files that are no longer needed helps keep the list of available batches clean. However, if the original copy was deleted when the batch file was uploaded into the system, deleting it here makes the data inaccessible. You should weigh the benefits against the risks when assigning this security right. | The Import/Export Contacts right under General > Contacts is necessary in order to access this screen. | |
| Preview an import batch while executing the Import Contacts action. Make any necessary changes to the batch and complete the import. | The Import/Export Contacts right under General > Contacts is necessary in order to access this screen. | ||
| Add a payment method on the Payment Methods tab of contact detail. | Restricting the number of users who can add payment methods helps eliminate record duplication. However, being unable to add a payment method on the fly may negatively affect a user's efficiency in servicing an account. Use caution in granting this right, as this area contains sensitive banking information. | The user must also be granted the View and Edit rights under
General > Contacts.
If the user is not also granted rights to the Account number, Routing number, Institution number, and Transit number fields under General > Personal Data, these fields cannot be viewed or edited. |
|
| Edit an existing payment method on the Payment Methods tab of contact detail. | Use caution in granting this right, as this area contains sensitive banking information. | The user must also be granted the View and Edit rights under
General > Contacts.
If the user is not also granted rights to the Account number, Routing number, Institution number, and Transit number fields under General > Personal Data, these fields cannot be viewed or edited. |
|
| Delete a payment method on the Payment Methods tab of contact detail. | Deleting a payment method from the system permanently removes the record; it is not retained in any form. Therefore, you may wish to use some caution in granting this right. | The user must also be granted the View and Edit rights under General > Contacts. | |
| Create or edit a CSR24 Self-Service Portal account from the contact detail screen. | By default, this security object is granted to all users. However, you should deny it to any users who do not have the authority to create new or edit existing CSR24 Self-Service Portal accounts if your organization limits access to this functionality. | The user must also be granted the View right and the Add and/or Edit rights under General > Contacts. |
| Permission | Enables | Implications | Related |
Edit Lookup Code |
Edit the Lookup Code in account detail. | Users with this right can manually edit the lookup code or can regenerate it from the account name. It is not advisable to change lookup codes often, but it may be necessary in some cases (e.g. a marriage results in a change of last name). | In order to change the lookup code for an account, the user must also have rights to view and edit detail for that account type. |
Display in Listview Regardless of Confidential Client Access |
View lists throughout the system with no Confidential Client Access filters applied. | Users with this right can view Confidential Client Access clients in lists; accounts, policies, etc.), regardless of whether they have security access to the associated structures. They will not be able to access the item detail, but all information displaying in the list columns will be visible. | |
Access Account Regardless of Confidential Client Access |
Access Confidential Client Account throughout the system with no Confidential Client Access filters applied. | Users with this right can view confidential clients’ accounts regardless of whether they have security access to the associated structures. | |
| View and edit brokerage commission information in policy/line and transaction detail. | This security right enables a user to view/edit the following
information in the following areas:
Policy/Line Detail: Brokerage commission agreement, brokerage commission %, brokerage commission amount, annualized commission, billed commission, estimated commission. Transaction - Add: All brokerage commission information that defaults from the policy/line. Transaction Detail: The Brokerage Commission and Premium Payables screens. |
Users who are denied this right should also be denied the Adjust Commissions - Brkg right under General > Transactions. | |
| Access the Modify General Ledger Subaccount action available from broker, company, and employee detail. | Changing the subaccount associated to a brokerage, broker, producer, or billing company allows entries for multiple entities to post to the same General Ledger subaccount. | The user must also have access to the specific program area(s) where the action is located. | |
Display in Listview Regardless of Structure |
View lists throughout the system with no structure-based filters applied. | Users who are granted this right will be able to view list items (accounts, policies, etc) regardless of whether they have security access to the associated structures. They will not be able to access the item detail, but all information displaying in the list columns will be visible. | |
| Use the Change Password action available from the Home screen. | Granting users this right allows them to change their passwords whenever they desire (e.g. if they feel their security has been compromised). | ||
| Access the New > Receipt for Payment workflow available throughout the system. | Users with this right can print receipts for payment even if they do not have rights granted under General Ledger>Receipts. | ||
| Select or deselect the Generate Transaction for Payment checkbox in the Print > Receipt for Payment workflow. | If granted this right, the user will be able to choose whether a transaction is generated for a receipt for payment. If the user is not granted this right, the default setting for generating a transaction (defined in Configure > Accounting > Receipt for Payment Layout) will be used. | ||
Allow <No Output> Layout in New Receipt for Payment |
Select the <No Output> option from the Layout menu to bypass the Distribution tab when generating a receipt for payment. | Selecting the <No Output> layout option when generating a receipt for payment automatically creates a payment transaction. While this option can save paper when a client does not need a copy of the receipt, this right should only be granted to users who have the authority to create payment transactions. | Users must also be granted the New Receipt for Payment right. |
| Access the On Demand > Relationship Summary report across all account types. | The Relationship Summary report lists all accounts related to the account from which it is generated. If client accounts are involved, the report includes estimated premium and commission totals. These figures are not shown per account; they are intended to give an impression of the total contribution of related accounts in terms of brokerage revenue. If this is considered sensitive information, access to this report should be limited. | ||
Modify Field Priority |
Designate fields as Desired or Required. | Setting fields as required can significantly affect workflows. Users cannot move past a screen unless all required fields are completed. If they do not have the necessary information, they may enter invalid data in order to continue with the workflow. This security right, therefore, should be carefully restricted. | |
| Edit the Reason and Description fields in the Reversal/Void frame in transaction detail. | |||
| View Associated Accounts from the Access menu on the Account Locate screen. | This option displays accounts that share an address with the selected account and the policies in effect for those accounts. Grant this right only to users who are allowed to view information for all of your organization’s clients. | ||
Edit Relationships Regardless of Related Account Edit Rights |
Add or modify a relationship for an account, regardless of whether edit rights are granted for the other account involved. | Adding or modifying a relationship updates the account detail for both accounts involved. This right enables the user to modify both accounts even if only granted security access to one of them. | |
| Access the Modify Agency/Direct Bill Commissions action available from broker or employee detail. | This action enables a user to determine how an producer/broker's
commissions should be reconciled and paid. The setting here affects
how commission items are tracked in the Pr/Br Payables Reconciliations
area.
If an agency is installed to Post commission based on individual producer setting or Post commission based on individual broker setting in Configure > Accounting > Accounting Methods, changes made here will also affect how the producer/broker's commissions are posted to the General Ledger at Month-End. Changing the way that Month-End posts should only be done under the supervi of Applied Systems Support. For this reason, if any agencies in your system have either of these options selected in Accounting Methods Configuration, this right should be carefully restricted. |
||
| Edit the Revenue % field for a producer when sharing revenue at the line of business or transaction level. | Users with this right are able to edit the Revenue
% field when adding/editing a line of business, adding
a transaction, adjusting commission on a transaction, and recording
direct bill commissions.
If the system has been configured to default the producer's production credit percentage as the share revenue percentage in Configure > Accounting > System Settings, this security object should be denied to ensure that the production credit and share revenue percentage stay in sync. |
Users must also be granted the Edit Transaction Producer/Broker Commissions right under General > General. | |
| View producer/broker commission information when adding a transaction or accessing transaction detail. | Users without this right cannot view the producer/broker commission
type, percentage, or amount when adding a transaction. This also
applies to the Record Direct Bill Commissions workflow.
Users without this right are also unable to access the Pr/Br Commission screen in transaction detail. |
Users who are denied this right should also be denied the Adjust Commissions - Pr/Br right under General > Transactions. | |
| Add, edit, and delete producers/brokers when adding a transaction. | These edit rights also apply to the Record Direct Bill Commissions
workflow.
If you do not wish for users to override the commission information on a policy or line of business during billing, you should restrict this right. |
Users who are denied this right should also be denied the Adjust
Commissions - Pr/Br right under General
> Transactions.
The right to edit producer/broker commission at the policy level is secured separately (under Insured Clients > Policy and Prospective Clients > Policy). |
|
On Demand Account Workflows Report |
Access the On Demand > Account Workflows Report. | ||
New Client Refund |
Access the New > Client Refund workflow available throughout the system. | Users with this right can issue client refunds even if they do not have rights granted in the General Ledger area. | Users can only issue refunds within their Client Refund limits defined in Configure > User Options > Limits. |
Edit Do Not Purge |
Select or deselect the Do not purge checkbox on Account detail screens for all entities. | Checking Do not purge on an entity’s account prevents attachments for that account from being purged even when they meet the criteria in Utilities > Purge > Attachments. Because purging an entity’s attachments can have significant legal consequences, you should restrict this right. | |
Suspend Workflow - Reassign |
Suspend and reassign workflows from the myEpic Workflows screen. | A user with this right can suspend workflows reassign suspended workflows to other employees, regardless of access to Procedures > myEpic Management. | To suspend and reassign workflows from the Procedures area, the user must be granted the Suspend In Progress Workflows and Suspended Workflows – Reassign rights under Procedures > myEpic Management. |
New Payment from Client |
Access the New > Payment from Client workflow available from Client accounts. | A user with this right can take payment for outstanding client balances using Applied Pay. Granting this permission to servicing personnel who are responsible for taking client payments is recommended. | Your organization must have an Applied Pay subscription to use this feature. |
New Refund to Client |
Access the New > Refund to Client workflow available from Client accounts. | Users in the United Kingdom use this option to issue refunds to clients. This functionality is not applicable for North American users. | |
On Demand Payments Not Created Report |
Access the On Demand > Payments Received Not Created report available from a client’s Policies or Transactions. | Brokerages in the United Kingdom run the Payments Received Not Created report to confirm that transactions exist in the system for all payments taken during quoting workflows. This functionality is not applicable for North American users. | |
On Demand Sanctions Search Report |
Access the On Demand > Sanctions Search Report available from Home. | Brokerages in the United Kingdom run the Sanction Search Report to remain compliant with FCA regulations. This functionality is not applicable for North American users. | |
Payments |
Access the Payments area to adjust future installment amounts or dates. | Brokerages in the United Kingdom use the Payments area to process client payments. This functionality is not applicable for North American users. | |
| Access the Applied Pay portal through Access > Applied Pay Portal on the options bar. | A user with this right can use this option to access the Applied Pay portal if they are registered for Applied Pay. Granting this right only to users who need to balance or view transactions for all clients is recommended. |
Your organization must have an Applied Pay subscription to use this feature. | |
Connection Suite |
Access the Help > Connection Suite area to install the Applied Epic Extension and Epic Connection Suite Package, which are recommended for Applied Epic Browser users. | Users with this right can access the Help > Connection Suite menu to install the Applied Epic Extension and Epic Connection Suite Package for Applied Epic Browser, which facilitate integrations between Epic Browser and other desktop applications and hardware. All Epic Browser users should be granted this permission unless your organization is installing these components using IT tooling. Regardless of how you manage the installation on your network, you must grant this right to any users who need to install the Connection Suite on a machine outside of your organization's network (for example to use Epic Browser on their home computers). Users without this right have read-only access the Help > Connection Suite menu, but they cannot install the browser extension or Epic Connection Suite Package. This permission is not applicable for users who only access Epic using the Desktop client. |
| Permission | Enables | Implications | Related |
| View Other Employees' Activities | Use the Customize View link label to select other employees and view their activities. | If a user without this right clicks Customize View, only a blank list displays. Even if the user has this right, no employees will display in the list unless they are listed on the View These Employees' Work Items list this user's employee detail. | |
| View Other Employees' Tasks | Use the Customize View link label to select other employees and view their tasks. | If a user without this right clicks Customize View, only a blank list displays. Even if the user has this right, no employees will display in the list unless they are listed on the View These Employees' Work Items list this user's employee detail. |
Users with access to the Leads Inbox screen can access leads regardless of structure, as leads from outside sources do not contain structure information. However, users can only import leads to structures to which they have access.
| Permission | Enables | Implications | Related |
| Access Leads Inbox | Access the Leads Inbox available from the navigation panel on the Home screen. | Users with this right can perform all workflows (import, archive, restore, and purge) on leads from Leads Inbox on which they are assigned as the Lead Owner and leads that have no Lead Owner. Granting this right only to users responsible for managing leads is recommended, as this permission provides broad access to incoming leads. | If you receive leads from a vendor partner or your own data capture platform, you must set up an integration using Applied Fortus before you can begin using Leads Inbox. Contact your Applied Sales representative for more information. |
| Access All Leads Regardless of Owner | Access other employees’ leads in the Leads Inbox. | Users with this right can perform all workflows (import, archive, restore, and purge) on leads on which other employees are assigned as the Lead Owner. As this right grants universal access to your organization’s leads, limit it to users who need this overall view or who are responsible for reassigning leads from one employee to another. | The user must also be granted the Access Leads Inbox right. |
| Permission | Enables | Implications | Related |
| Marketing Automation | Access Applied Marketing Automation. | Employees who use Marketing Automation need this right to access it from the Areas section of the menubar or the navigation panel on the Home screen. Users with this right can also access a contact's Marketing Automation Opt-ins on the Contact Detail screens when adding or editing a contact, client, or opportunity. |
| Permission | Enables | Implications | Related |
| View/edit the Transit Number
field on the Payment Authorization
screen for Canadian applications.
View/edit the Transit number field on the Payment methods tab in contact detail. |
This data is considered sensitive information and access should
be restricted to those users who would have a need to view/edit
it.
The transit number is applicable only to financial institutions in Canada. |
If users are not also granted the Edit Payment Method right under General > Contacts, they will be able to view the transit number in contact detail but will not be able to edit it. | |
| View/edit the Institution
Number field on the Payment
Authorization screen for Canadian applications.
View/edit the Institution number field on the Payment methods tab in contact detail. |
This data is considered sensitive information and access should
be restricted to those users who would have a need to view/edit
it.
The institution number is applicable only to financial institutions in Canada. |
If users are not also granted the Edit Payment Method right under General > Contacts, they will be able to view the institution number in contact detail but will not be able to edit it. | |
| View/edit the Account Number
field on the Payment Authorization
screen for Canadian applications.
View/edit the Account number field on the Payment methods tab in contact detail. |
This data is considered sensitive information and access should be restricted to those users who would have a need to view/edit it. | If users are not also granted the Edit Payment Method right under General > Contacts, they will be able to view the bank account number in contact detail but will not be able to edit it. | |
| View/edit the Routing number field on the Payment methods tab in contact detail. | This data is considered sensitive information and access should
be restricted to those users who would have a need to view/edit
it.
The routing number is applicable only to financial institutions in the United States. |
If users are not also granted the Edit Payment Method right under General > Contacts, they will be able to view the routing number in contact detail but will not be able to edit it. |
| Permission | Enables | Implications | Related |
| View | Access Renewals Manager and update a policy's renewals stage or renew policies. |
Users with this right can view policies up for renewal and their current renewal status in Renewals Manger. They can update renewal stages and renew policies. Grant this right to users responsible for renewing policies or monitoring the status of renewals. |
Users can only view policies in Renewals Manager for which they have structure access. |
Print Listview |
Print the list of renewals from the Renewals Manager screen. | Because users can view all policies up for renewal to which they have structure access in Renewals Manager, limiting this printing right to users responsible for monitoring the status of renewals (such as managerial personnel) is recommended. |
| Permission | Enables | Implications | Related |
User Can Accept License Agreement |
Accept the license agreement that displays after a system update. | After a major update is installed, no users will be able to log in to the system until a user who is granted this security right accepts the license agreement. Considering the potential implications of accepting the license agreement, this right should be limited to a select few. | |
| Log in to Applied Epic when User Lockout has been turned on in Utilities > Diagnostic > Client Sessions. | This right should only be granted to those who would have the need to perform sensitive tasks or run reports requiring all other users to be logged out of the system. Allowing too many users to log in during User Lockout increases the risk that users will interfere with these sensitive tasks and defeats the purpose of a lockout. |
| Permission | Enables | Implications | Related |
Send |
Send SMS messages to SMS-enabled phone numbers on contacts to which the employee has access. | SMS messages are a convenient, efficient method of communication for clients who have opted to receive them. If your organization has enabled SMS functionality, grant this right to all users who regularly communicate with clients and prospects. | SMS Messaging must be enabled system-wide in Configure > SMS > System Settings. The user must have access (either at the Employee or Structure level) to one of the Registered Numbers defined in Configure > SMS > Numbers. |
| Permission | Enables | Implications | Related |
| View | View Sticky Notes throughout the system. | Granting universal view-only rights to Sticky Notes allows all users to consult them for reference. Denying this right universally allows you to "turn off" the Sticky Note feature if you do not wish to use it. | |
| Add | Add a Sticky Note via the New > Sticky Note workflow or by clicking the Add Note icon on an existing Sticky Note. | You may wish to restrict the addition of Sticky Notes to those generated by the Add sticky note marketing option in the Delivery Options section of a report. In this case, you would deny most users the Add Sticky Note right to prevent the system from becoming cluttered. | |
| Edit | Change the properties (for example, content, color, priority) of an existing Sticky Note. This does not apply to Sticky Notes displaying on the Home screen, which are visible to the current user only. | Because Sticky Notes are temporary, this right does not have to be as carefully restricted as the right to edit attachments or activity notes. Users with this right can update the notes with additional information or set the notes' expiry dates. | |
| Delete | Delete an existing Sticky Note. This does not apply to Sticky Notes displaying on the Home screen, which are visible to the current user only. | Sticky Notes are designed to be temporary and can be set to expire when they are no longer needed, so you may wish to deny users the right to delete them before they expire. However, if Sticky Notes are generated by the Add sticky note marketing option in Reports, you may wish for users to be able to delete notes from each account as they work through the campaign. |
Note: If a user is granted transaction access for a certain entity type (for example, the Transactions right under Insured Clients > Insured Clients), all access granted in the General > Transactions section transfers to that entity type's transaction list. The reverse is also true; if you wish for the user to work on transactions for insured clients, you must make sure the Transactions right under Insured Clients > Insured Clients is granted in addition to the desired rights listed below. Otherwise, regardless of being granted the View right in the General > Transactions area, the user will not be able to access an insured client's transaction list.
| Permission | Enables | Implications | Related |
| Use the A/R Write-off action available from the Transactions area. | This action enables the user to write off the remainder of a receivable balance if the transaction is agency billed, is an invoice transaction, and has no pending processes filed against it. | ||
| Select the Payment radio button when adding a transaction. | Users with this right are able to add payment transactions at the Account, Policy, or Line level for client accounts, and to the Account level for broker, finance company, or other interest accounts. | The user must also be granted the Add Transactions right under General > Transactions. | |
| Add a new transaction from the Transactions list. | Users with this right are able to add transactions at the Account, Policy, or Line level for client accounts, and to the Account level for broker, finance company, or other interest accounts. | If the user is not also granted the Bill Service Fee right
under General > Transactions
> no transaction codes with a Class
of Service Fee are available
from the Code dropdown
list on the Add Transaction
screen.
When adding a transaction, the user will be unable to override the dates/months that default for several fields unless also granted additional security permissions in this area. These include the Generate invoice date, Effective date, A/R due date, Accounting month, and Production month. |
|
| Add or edit items on an invoice that has been approved through Invoice Quality Check. | Users without this right are unable to do any of the following:
|
In order to edit contact information on the Send Invoice To tab in Transaction Detail, the user must also be granted the Edit Contact Invoice Information right under General > Transactions for Approved invoices. | |
| Add or edit items on an invoice that is pending approval through Invoice Quality Check. | Users without this right are unable to do any of the following:
|
||
| Update agency commission information using the Adjust Commission action available from the Transactions area. | This security right enables the user to add or delete issuing companies or premium payable entities on the transaction, provided the accounting month is open and no actions have been performed on the transaction. Users will also be able to modify the payable due dates. | In order to adjust producer/broker commissions via this action,
the user must also be granted the Adjust Commissions - Pr/Br right
under General > Transactions.
In order to adjust revenue sharing information, the user must also be granted the Adjust Commissions - Share Revenue Structure right. |
|
| Update producer/broker commission information using the Adjust Commission action available from the Transactions area. | This security right enables the user to add, edit, or delete producers or brokers on the transaction, provided the accounting month is open and no actions have been performed on the transaction. Users will also be able to modify the payable due dates. | In order to adjust agency commission information via this action,
the user must also be granted the Adjust Commissions - Agcy right
under General > Transactions.
In order to adjust revenue sharing information, the user must also be granted the Adjust Commissions - Share Revenue Structure right. |
|
| Update producers' Share Revenue information and add or delete house producers using the Adjust Commission action available from the Transactions area. | This security right enables the user to add revenue sharing producers and to modify Share Revenue percentage and structure, provided the accounting month is open for all affected agencies and no actions have been performed on the transaction. If the month is not open for all agencies or if actions have been performed on the transaction, the user will only be able to modify the Share Revenue percentage for existing producers. | The user must be granted the Adjust Commissions - Pr/Br right
under General > Transactions.
In order to adjust agency commissions via this action, the user must also be granted the Adjust Commissions - Agcy right. |
|
| Use the Apply Credits to
Debits action available from the Transactions area.
Apply credits to debits when prompted to do so upon entering a transaction. |
If accounting personnel typically apply credits to debits (via receipts and disbursements) in your agency, you may wish to deny CSRs this right. | ||
| Use the Balance Transfer action available from the Transactions area. | The Balance Transfer action transfers a payment from one account to another. | ||
| Add a transaction with a Class of Fee. | Service fees enable an agency to bill the receivable up front but defer the revenue based on a contract schedule that recognizes revenue when the service is provided (e.g. a consulting fee). A user must have rights to the Bill Service Fee security object in order to add transactions that have the Service Fee checkbox selected. | In order to add a service fee transaction, the user must also be granted the Add Transactions right under General > Transactions. | |
| Use the Close Binder
action available in the Transactions area.
Use the Close Binder button available in premium payable reconciliation detail. |
Closing an open binder transaction prompts the system to move the payable balance out of the Binder Bill Payable General Ledger account when journal entries are generated. Only users allowed to impact this information should be given access. | ||
| Use the Discounts action available from the transaction area. | The Discounts action allows a user to discount a percentage or a flat amount on a transaction. | Users can only grant discounts within the limits defined in Configure > User Options > Limits. | |
| Edit the Accounting month field when adding/editing a transaction or using the Revise Premium, Reverse Transaction, Revise Outstanding Payment, or Void Payment actions available from the Transactions area. | The accounting month defaults based on the later of the transaction effective date or generate invoice date. For payment transactions, it defaults based on the payment date. Changing this field could have an effect on month-end reporting. | ||
| Edit the A/R due date field when adding/editing a transaction or using the Revise Premium action available from the Transactions area. | The A/R due date is
defined during transaction code configuration.
If transaction codes are installed correctly, there should be no need to modify this field under most circumstances. |
||
| Edit contact information on transactions. | The information listed in Contact Detail defaults into the Contact, Address, Email, and Fax fields on the Invoice tab of the Transaction Detail. Because changing this information could cause invoices to be sent to invalid contacts or addresses, this permission should be limited. | In order to edit contact information on the Send Invoice To tab in Transaction Detail, the user must also be granted the Add/Edit Approved Invoices right under General > Transactions for Approved invoices. | |
| Edit the Generate invoice date field when adding/editing a transaction or using the Revise Premium action available from the Transactions area. | The Generate invoice date defaults as the system date for basic transactions and is determined by the installment plan for installment transactions. If these defaults should not be overridden, this permission should be restricted. | ||
| Edit the Effective date when adding a transaction. | This security right enables the user to edit the Effective date in the Detail section and on the Billing tab when adding a transaction on a policy, line, account, or service. The Effective date of a transaction associated to an account or service defaults to the current date. The Effective date of a transaction associated to a policy or line defaults as the effective date of the policy, line, or service summary row to which the transaction is added. As long as the proper policy/line/service summary row is selected, there should be no need to modify this field on a policy/line transaction. If entering an endorsement transaction, for example, you would select the endorsement service summary row to ensure that the transaction effective date matched the endorsement effective date. If your organization does not enter endorsement details at the policy level, however, you may wish to grant users this right so that they can update the transaction effective date when entering endorsement transactions.
|
If the user is granted this security right but not the Edit Dates right, the user is only able to edit the Effective date. All other date/month fields are disabled. | |
| Edit the Pay Due Date field when adding a transaction or adjusting commission on an existing transaction. | This security right enables the user to edit the premium payable
and producer/broker commission payable due dates on a transaction.
If your agency reconciles by payable due date rather than accounting month and has payable contracts installed to correctly calculate the payable due date, you may wish to deny users this right. |
If the user is granted this security right but not the Edit Dates right, the user is only able to edit the Pay Due Date. All other date/month fields are disabled. | |
| Edit the Payment date field when adding/editing a payment transaction or using the Revise Outstanding Payment action available in the Transactions area. | The payment date defaults based on the system date. | ||
| Edit the Payment received date when adding/editing a payment transaction or using the Revise Outstanding Payment action available in the Transactions area. | The payment received date defaults based on the system date. | ||
| Edit the Production month field when adding/editing a transaction or using the Revise Premium or Revise Outstanding Payment actions available in the Transactions area. | The production month defaults as the same as the accounting
month for basic transactions. For installment transactions, the
production month for each installment defaults as the accounting
month from the first installment item.
If your agency is not installed to recognize installment revenue immediately, you may wish to be able to override the Production month for installment items. If you are set up to recognize installment revenue immediately, you may wish to restrict this right. |
If the production month is locked, posted, or finalized, the user will not be able to edit this field unless also granted the Edit Production Month in Locked, Posted, or Finalized Month right under General > Transactions. | |
Edit Production Month in a Locked, Posted, or Finalized Month |
Edit the Production month field in transaction detail if the month currently selected is locked, posted, or finalized. | The Production month
defaults as the same as the Accounting
month. If your agency is installed to recognize installment
revenue immediately in Configure
> Accounting > Accounting Methods, the Production
month for all installments defaults as the Accounting
month for the first installment item.
If your agency is not installed to recognize installment revenue immediately, you may wish to be able to override the Production month for installment items to match the month in which a policy was actually sold. |
In order to edit the Production month field, the user must also be granted the Edit Production Month right under General > Transactions. |
| Edit the Branch, Department,
and Profit center fields
when adding a transaction to a policy or line of business.
Edit these fields on an existing transaction. |
You may wish to deny this right to most users in order to ensure that the billing structure is the same as the structure of the policy/line being billed. However, if you have a specific department/profit center used for billing taxes/fees, you may wish to override the associated structure when billing tax/fee transactions. | ||
| Edit the Description field when adding or editing a transaction. | Transaction codes can be given default descriptions in Configure > Accounting > Transaction Codes that include variables to pull in the desired information. To ensure this information is retained in the description, and to maintain consistency in transaction descriptions for reporting purposes, you may wish to deny users this right. | ||
| Edit transaction detail. | Several of the fields in transaction detail are controlled by other security permissions in this area. These include the Generate invoice date, Effective date, Payment date, Payment received date, A/R due date, Accounting month, Production month, Branch, Department, Profit Center, Description, Contact, Address, Email, and Fax. | ||
| Use the Finance Transaction action available from the Transactions area. | This enables the user to finance all or a portion of a client's receivable. | In order to access transactions at the finance company level, the user must also be granted the Transactions right under Finance Companies > Finance Companies. | |
| Use the Generate Invoice action available from the Transactions area. | In order to batch generate invoices for multiple accounts, the user must be granted the Generate Invoices right under Procedures > Accounting. | ||
| Use the Generate Statement action available from the Transactions area. | In order to batch generate statements for multiple accounts, the user must be granted the Generate Statements right under Procedures > Accounting. | ||
| Use the Generate Tax/Fee
action available from the Transactions area. Use the Generate Tax/Fee button within transaction detail when adding a transaction. |
In order to ensure that government taxes and fees are entered according to the standards defined in Configure > Accounting > Government Tax/Fee Rates, it is recommended to grant this right to anyone responsible for billing policies but to restrict the other Generate Taxes/Fees permissions in this area. This enables users to generate tax/fee transactions but prevents them from overriding any of the tax/fee information. | ||
| Click the Add button while generating government taxes/fees to add a tax/fee transaction other than those generated. | This allows users to add government taxes/fees to a transaction other than those generated according to the rates in Configure > Accounting > Government Tax/Fee Rates. If your organization does not maintain tax/fee rates and instead enters the taxes and fees manually, this permission should be granted to any users responsible for billing taxes/fees. | ||
| Delete tax/fee transactions while generating taxes/fees. | |||
| Modify tax/fee transactions generated while generating taxes/fees. | Users with this right cannot modify any information on tax/fee
transactions generated by the system. If they are granted the Generate Taxes/Fees - Add permission but not this permission, they are able to modify tax/fee transactions they add manually during the workflow. |
||
| Modify the Taxable amount field when generating taxes/fees. | The Taxable amount determines how the tax/fee transaction amounts are calculated (if the rate has a Type of percentage). It defaults to the entire amount of the production transaction. Users would need access to override this amount if only a portion of the premium were taxable. | ||
| Use the Modify Revenue Deferral Schedule action available from the Transactions area. | This action is only available for service fees with a revenue deferral schedule. It can be used to change the accounting month for the item to accurately reflect the date the service is provided (e.g. a consulting fee was scheduled for February, but the consultation service is rescheduled for March). | ||
| Use the Move Transaction action available from the Transactions area. | This action enables the user to move an item, bill, or invoice to an existing bill or invoice, a new bill or invoice, or to No Invoice. | ||
| Select or deselect the Generate Invoice checkbox when adding a transaction. | The Generate Invoice checkbox defaults as selected for agency bill business and deselected for direct bill business. To ensure this procedure is followed, you may wish to deny this right to most personnel. However, if you wish to provide personnel the ability to generate direct bill invoices, they will need to be granted this right. | ||
| Use the A/R Write-off action to write off an amount that exceeds the write-off limit established for the agency in Configure > Accounting > Maximum Write-offs. | This security right is generally restricted to managerial staff. | The user must also be granted the A/R Write-Off right under General > Transactions. | |
| Use the Place/Resume Payments on Hold action available from the Transactions area. | This action enables users to suspend outstanding payment transactions on an installment plan if there is a problem with one of the payments, or to resume payments once the problem is resolved. Grant this right only to users who work with payment transactions. | ||
| Use the Reverse Balance Transfer action available under the Transactions area. | |||
Reverse Taxes/Fee Without Reversing Transaction |
Reverse the tax/fee on a transaction without also reversing the production item. | Automatically closing the government payable when an incorrectly billed tax/fee is reversed helps you maintain accurate data, but you may wish to report and reconcile both the original tax/fee and the reversal in some situations, particularly if they occur in different accounting months. This right is granted by default, but you may wish to restrict it. | The user must also be granted the Reverse Transaction right under General > Transactions. |
| Use the Reverse Transaction action available from the Transactions area. | Reversing a transaction creates a new transaction with an equal
but opposite amount and links the two transactions. The user performing
this action also has the option to close the associated premium
payable and producer/broker payables.
Users without this right can still manually "reverse" a transaction by entering a new transaction with an equal but opposite amount. |
||
| Use the Revise Outstanding Payment action available from the Transactions area. | This action can be used only on payments entered in the Transactions area that have a Payment Status of Outstanding. It cannot be used on payments generated by receipts. | If a user does not have rights to edit the Payment date, Payment received date, Accounting month, or Production month, which are secured separately, those fields cannot be revised within this action. | |
| Use the Revise Premium action available from the Transactions area. | This action can be used to correct the following situations:
Any changes made to the premium amount via this action will also update the premium fields for the corresponding policy or line of business. |
If a user does not have rights to edit the Generate invoice date, A/R due date, Accounting month, or Production month, which are secured separately, those fields cannot be revised within this action. | |
| Use the Unapply Credits to Debits action available from the Transactions area. | This action should only be used if incorrect items are applied. It is only available if the selected credit and debit items have no pending processes filed against them. Unapplying credits to debits reverses all previously earned agency, producer, and broker commissions associated to the affected items and considers them unearned (if producers/brokers as paid on a Cash - Fully Paid or Cash - Partially Paid basis). | ||
| Access the transaction lists for all applicable entities (see notes preceding this table). | Users with this right are able to view the main transaction list for an account as well as the detail for any of the transactions in the list. | Unless also granted the Display in Listview Regardless of Structure right under General > General, users will only be able to view transactions if they have access to the associated structures. | |
View Pr/Br Commission Percent/Amount |
View Pr/Br commission Percent/Amount information in the Transactions area. | Users without this right see X’s in Pr/Br Commission Percent and Amount fields, rather than the actual field values. | |
View Pr/Br Production Credit % |
View the Producer and Broker Production Credit % | Users without this right see X’s in the Pr/Br Production Credit % field, rather than the actual field value | |
View Pr/Br Order # |
Access to view the Producer and broker Order # | Users without this right see X’s in the Pr/Br Order # field, rather than the actual field value. | |
| Use the Void Payment action available from the Transactions area. | This action is used to void a payment generated by a receipt
and enters a second transaction with an equal but opposite amount
to the client's account.
Users without this right can still manually "void" a payment by entering a new receipt with an equal but opposite amount and applying the original and reversing entries against each other. If the original payment had already been applied to production items, the user would need to unapply credits to debits. |