Archer Roles Defined

Archer uses role based security for system access and for control of the internal workflow processes. Here is a list of the major roles and their definition. Depending upon the system, the organization and the integration points, these roles may be combined.

Governance Risk and Compliance (GRC)
HIPAA Working Group Member (HWGM)
Divison Owner (DO)
Business Owner (BO)
Facility Owner (FO)
Server Owner (SO)
Application Owner (AO)

Archer provides email notices and reports to various roles. Of particular significance is the 'aging' of outstanding risk assessments. As the 30 / 60 / 90 day milestones are at-hand or past-due, reports and email notices are escalated to higher Archer/HIPAA roles.

Risk Assessment roles in Archer

Assessment Submitter

a user who is most familiar with application, database, workstations, server or business unit used to access, store or process sensitive healthcare information

HWGM/Reviewer

a user who oversees and have authority to approve the compliance state of the application, database, workstations, server or business unit used to access, store or process sensitive healthcare information

Responsible Party

a user who is responsible for the overall compliance, security and operations for the application, database, workstations, server or business unit used to access, store or process sensitive healthcare information.