...
Superadmin users have access to the Administration > Support component, which allows the Foundry Health team access to a specific set of dashboard components that allow for review of instance usage overview for billing purposes, and, access built for support and billing purposes. This area is most frequently accessed to review internal server log statements.
...
This menu item is only visible to Superadmin users.
Any system configurations with ‘support’ type classification appear in the this Support area.
...
Sites
Superadmin users are able to create ‘site’ entities, for For customers who operate ClinSpark under an early-phase model where volunteer database and recruitment features are enabled, Superadmin users are able to create ‘site’ entities. This is due to the implication sites have for use across several instance configurations, and, the licensing/pricing fees related to multi-site use.
For customers who use ClinSpark under later-phase multi-site configurations, where ‘Volunteers’ features are disabled (also referred to as “headless mode”), non Superadmin users have the ability to create sites.
Additionally, for For a given site, certain configuration settings are exclusive to Superadmin users which include the following:
...
Within Barcodes only Superadmin can modify the visible settings. This is due to the implications these padding, delimterdelimiter, and prefix settings have across a variety of ClinSpark features that leverage barcodes, as well as site lab interface workflows. Typically these settings are established for customers during onboarding phases.
...
Add new device integrations, and archive existing
Modify device type, Manufacturer, ‘Direct’ setting, Monitoring Type, and Model
Add new device parameters, and archive existing
Modify device parameters including ‘Enrollment’ setting, Monitoring Source, Captured Date Time, and Data Type
Add and modify device settings
Common Questions
...
& Answers
Over time we Many customers have received questions from customers about these types of Superadmin accounts, their use, and governance. The following section hopes to address some of the common questions we receive.
Who can create & manage Superadmin accounts?
Only a Superadmin type account can create or manage other Superadmin accounts in the user interface. Since Foundry Health staff are the only users who are given Superadmin accounts, these actions are carried out by a member of the Foundry Health team.
Customers are unable to create Superadmin accounts.
...
When are Superadmin accounts created
...
?
Superadmin accounts are created one of two ways:
Via automated script when environments are first created
Using the ClinSpark user interface
When a brand new ClinSpark environment is created, there are processes that ‘bootstrap’ the environment with a very basic set of configurations in order to make it accessible by Foundry Health staff prior to the handover of the environment to customers. This bootstrapping process creates a small set of Superadmin accounts for engineering and support team members, who can access and review the environment prior to customer handover.
After the bootstrapped accounts are created, the ClinSpark user interface must be used to add or modify Superadmin accounts. Foundry Health staff are granted Superadmin accounts in applicable customer environments to support onboarding, training, and support efforts. Foundry Health team members are only given access to customer ClinSpark environments once they have received the proper level of training necessary to perform actions applicable to their role.
When are Superadmin accounts deactivated?
If someone with a Superadmin account leaves the Foundry Health team, or no longer requires access to an environment, their access is revoked within the time interval specified in SOPs, and their account set to an archived status. This is done either by an existing Superadmin using the user interface controls, or, through a script
Can a standard account be promoted to Superadmin?
Yes, but only Standard accounts can be ‘promoted’ to Superadmin. However, this can only be done by a Foundry Health team member who is also a Superadmin.
By the same process, a Superadmin account can also be downgraded ‘downgraded’ to a standard account. This can only be done by another Superadmin.
...
Superadmin accounts must meet the same complexity password requirements as all other standard ClinSpark user accounts. These are customerenvironment-specified authentication requirements are based on the configurations established by customers via the Administration > General Settings component.
Superadmin accounts are not impacted by customer SSO configurations, and for now, do not use SSO Identity Providers to log into ClinSpark instances. Foundry Health team members log into ClinSpark instances with username/password credentials via standard login screen workflows. Superadmin accounts in ClinSpark production environments with release 1.5 or higher have 2FA have two-factor authentication (2FA) enabled.
How can
...
customers see Superadmin accounts in
...
their environment?
In current releasesrelease, Superadmin accounts are not visible to standard users when viewing the Administration > Users component. Additionally, Superadmin accounts are also suppressed from the user export in this component, if a non-Superadmin creates the report. If a Superadmin creates the export, all accounts are visible.
...
Upon request, Foundry Health may be able to provide other ‘exports’ or means ways to see Superadmin accounts in a given environment. Customers who wish to discuss this should open a service desk ticket. Future enhancements in later releases are likely to improve the visibility of Superadmin accounts to certain user types.
...
Superadmin accounts are like standard user accounts, in that these accounts have audit trails and all actions taken are audited and visible in applicable audit trails. Nothing exempts a Superadmin from having their actions audited in ClinSpark.
...