Standard Security Entities

Entity	Description	Required Rights
biz_ClientDistressCallOwner	Used to configure a user as the owner on distress calls.
biz_ClientServiceCase_Email_Notifications	Enables a user to receive email messages from the nightly CSC notification process.	View
biz_clientservicecase_massupdate	Controls access to the Mass Update button on the Case Search dashboard
biz_ClientServiceCase_QuickCase	Controls access to the Quick Case button on the Cases (Cases 2.0) dashboard.	Add
biz_clientservicecase_subscriptions	Allows access to the Case Type Subscriptions link on the user profile.
biz_clientteam_massupdate	Controls access to the Mass Update button on the Team Search dashboard
biz_CommissionDetail_SalesEntity		Add/Edit
biz_crm_show_snapshot	Allows the user to see the Client Snapshot if they have access to the workspace	View
biz_EditAdmin_After_Submit	Allows the user to edit the following fields in the Admin Fees and Taxes and Other Fees fieldsets of a Pricing Batch record on the Pricing Console until Pricing is Locked: Admin Fees Override Billing For This Batch Pricing Method Admin% Per Head Fee (annl) Per Head Fee (mth) Per Check Fee First Check Supplement Per Invoice Flat Fee (monthly) Minimum Admin Per Head Minimum Admin Per Account Taxes and Other Fees Billing Client Modifier Note: Edit access to the Pricing Batch form (gen_PricingBatch) is also required to activate this security role entity.	View
biz_EditSurcharge_After_Submit	Assigning either View OR Admin rights allows a user with appropriate rights to the Surcharges form to edit the values in the Surcharge Type, Quantity, and Surcharge Amt fields and access the Override Surcharge Amt checkbox after pricing is submitted and until pricing is locked. Once pricing is locked, the system does not allow a user to edit the fields. Note: The entity is supplemental and will not override form-level security provided by the gen_Surcharges entity. It will also not override any field-level security on individual pricing fields. Any user who is not in a role that allows them general access to view and edit the Surcharges form (as well as access to view and edit any individually secured pricing fields on the Surcharges form) will not be granted access by the biz_EditSurcharge_After_Submit entity to edit surcharge pricing fields after pricing is submitted. By default, Global Administrators can edit the Surcharge record pricing fields up until pricing is locked without this entity assigned. See Creating Pricing.	View/Admin
biz_EditSUTA_After_Submit	Allows the user to edit the value in the SUTA Bill Rate field until Pricing is Locked. Once Pricing is Locked, the system does not allow a user to edit the SUTA Bill Rate. See Creating Pricing.	View
biz_EditWC_After_Submit	Allows the user to edit the value in the pricing state WC Discount and Client Modifier fields, and also override the pricing code Net Comp Rate field until Pricing is locked. Once Pricing is Locked, the system does not allow a user to edit these fields.	View
biz_pricing_batch_can_override_admin_percent	Used in Pricing Batch business rule HE_ValidateAdminPercentage which fires when a user tries to enter an Admin Percentage lower than the Default Admin Percentage. Having this entity allows the user to bypass this validation.
biz_pricing_batch_multibatch	Enables use of multiple comparison batches
biz_pricing_code_can_view_header		View
biz_pricing_state_can_override_premium_discount
biz_pricing_submitted_batch	Users with View rights to this entity can edit pricing fields when the Batch is in Submitted and Underwriting status. Otherwise, the pricing fields can only be edited when the Batch is in New status.	View
biz_pricingconsole_canchangeuser	Users allowed to change pricing console user filter
biz_pricingconsole_breakdown	User allowed to see the pricing breakdown matrix at the bottom of the pricing console and in the pricing widget on the workspace landing page. Note: By default, Global Admin users cannot view the pricing breakdown matrix at the bottom of the pricing console. Add this entity to the Global Administrator role or another role to which the user is a member so that Global Admin users can view the pricing matrix.	View
biz_pricingconsole_add_statecodes_activatedstatus	Controls access to the Add State & Code button on the Pricing Console. When the status of the Pricing Batch is Activated, you can secure the button so that only certain user roles can perform the action.	Add
biz_surcharge_can_view_header		View
biz_surcharges_clientsetup	SecEntity associated with Client Setup Field access on the Pricing Console.
biz_view_pc_gp_after_commissions	Allow visibility to Pricing Console Gross Profit After Commissions	View
biz_workflow_benefitbenefitplan_activate	Controls access to the Company Benefits Plan workflow link - activate	View
biz_workflow_benefitbenefitplan_expire	Controls access to the Company Benefits Plan workflow link - expire	View
biz_workflow_benefitbenefitplan_pending	Controls access to the Company Benefits Plan workflow link - set to pending	View
biz_workflow_benefitbenefitplan_reject	Controls access to the Company Benefits Plan workflow link - reject	View
biz_workflow_benefitbenefitplan_select	Controls access to the Company Benefits Plan workflow link - select	View
biz_workflow_benefitplan_activate	Controls access to the Administrative Benefits Plan workflow link - activate	View
biz_workflow_benefitplan_cancel	Controls access to the Administrative Benefits Plan workflow link - cancel	View
biz_workflow_benefitplan_expire	Controls access to the Administrative Benefits Plan workflow link - expire	View
biz_workflow_benefitplan_pending	Controls access to the Administrative Benefits Plan workflow link - pending	View
biz_workflow_benefitplan_renew	Controls access to the Administrative Benefits Plan workflow link - renew	View
biz_workflow_cm_accept	Controls access to Client Master pricing workflow link - accept	Edit
biz_workflow_cm_activate	Controls access to Client Master pricing workflow link - activate	Edit
biz_workflow_cm_activate_future	Controls access to Client Master pricing workflow link - activate future (based on activation date)	Edit
biz_workflow_cm_activate_now	Controls access to Client Master pricing workflow link - activate now	Edit
biz_workflow_cm_approve	Controls access to Client Master pricing workflow link - approve	Edit
biz_workflow_cm_clone	Controls access to Client Master pricing workflow link - clone (pricing batch)	Edit
biz_workflow_cm_contract_signed	Controls access to Client Master pricing workflow link - contract signed	Edit
biz_workflow_cm_create_batch	Controls access to Client Master pricing workflow link -	Edit
biz_workflow_cm_decline	Controls access to Client Master pricing workflow link - decline an existing batch	Edit
biz_workflow_cm_expire	Controls access to Client Master pricing workflow link - expire an existing batch	Edit
biz_workflow_cm_kill	Controls access to Client Master pricing workflow link - kill an existing batch	Edit
biz_workflow_cm_reactivate	Allows the reactivation of RFPs that were set to Dead	Edit
biz_workflow_cm_reinstate	Allows you to re-instate a terminated client	Edit
biz_workflow_cm_reprocess	Allows you to re-process a batch, sets it back to pre-submit	Edit
biz_workflow_cm_submit	Allows you to submit a batch from the Client Master header link	Edit
biz_workflow_cm_terminate	Allows you to Terminate a client from the Client Master Header link (moves client to Pending Termination Status)	Edit
biz_workflow_coi_approve	Allows access to the Approve link on Certificate of Insurance	View
biz_workflow_coi_cancel	Allows access to the Cancel link on Certificate of Insurance	View
biz_workflow_coi_expire	Allows access to the Expire link on Certificate of Insurance	View
biz_workflow_coi_issue	Allows access to the Issue link on Certificate of Insurance	View
biz_workflow_employeebenefits_renew	Controls access to the Renew Link on the EmployeeBenefits dataform	View
biz_workflow_pb_accept	Controls access to the Pricing Batch workflow link - accept	Edit
biz_workflow_pb_activate	Controls access to the Pricing Batch workflow link - activate	Edit
biz_workflow_pb_activate_future	Controls access to the Pricing Batch workflow link - activate future - based on activation date	Edit
biz_workflow_pb_approve	Controls access to the Pricing Batch workflow link - approve	Edit
biz_workflow_pb_clone	Controls access to the Pricing Batch workflow link - clone	Edit
biz_workflow_pb_decline	Controls access to the Pricing Batch workflow link - decline	Edit
biz_workflow_pb_kill	Controls access to the Pricing Batch workflow link - kill	Edit
biz_workflow_pb_submit	Controls access to the Pricing Batch workflow link - submit	Edit
biz_workflow_pc_activate	Controls access to the Pricing Code workflow link - activate	Edit
biz_workflow_pc_decline	Controls access to the Pricing Code workflow link - decline	Edit
biz_workflow_policy_sendcoi	Controls access to the Workers' Comp Policy action link to send certificates of insurance	View
biz_workflow_ps_activate	Controls access to the Pricing State workflow link - activate	Edit
biz_workflow_ps_approve	Controls access to the Pricing State workflow link - approve	Edit
biz_workflow_ps_decline	Controls access to the Pricing State workflow link - decline	Edit
biz_workflow_ps_kill	Controls access to the Pricing State workflow link - kill	Edit
biz_workflow_ps_submit	Controls access to the Pricing State workflow link - submit	Edit
BusinessIntelligenceModule	Controls whether the Delete button is present for non-administrator and developer users on the Business Intelligence User dashboard module. Note: By default, this security entity is added to the EVERYONE role with View, Add, Edit and Delete access set. However, Add rights still require the User Details Reporting Profile assignment to have the Allow Report Creation flag checked.	View/Add/Edit/Delete
CRM_CanSaveDuplicates	Controls whether a CRM user can save a duplicate organization or must request review	View
gen_dataformname	Dataform security	View/Add/Edit/Admin
gen_dataformName_field	Dataform Field security	View/Add/Edit/Admin
gen_DiscussionMessage	Security entity used to control access to the Case Discussion and Case Attachments dataforms. Note: By default, this security entity is added to the EVERYONE role with View, Add, and Edit access set.	View/Add/Edit/Delete/Admin
gen_Surcharges	Security entity used to control access to the Pricing Console Surcharges section. Note: By default, Global Administrators can delete surcharges. Other users requiring access to delete surcharges must be assigned the gen_surcharges Delete rights. If a surcharge type is secured, they will also need Delete rights to the entity for that surcharge type.	View/Add/Edit/Delete/Admin
Incident	Allows the user to view, add, and edit tasks. This entity is present by default PEO Employee Role) with View/Add/Edit rights.	View/Add/Edit
Incident_Can_Add_Without_Dataform	Allows the user to view, add, and edit tasks. You can use the Add button on Task Manager dashboards and the plus (+ ) icon on the Task Manager widget. A workplace selector displays with both options.	View/Add/Edit
Incident_AllowTaskMaintance	Allows the User to edit a Task even when they are not the user indicated as Owner, Assigned To, Creator, or listed in the Subscribe panel.
Incident_Fieldname	Controls field-specific security on the task - not configurable	View/Add/Edit
Incident_Dash_CanViewAllUsers	Unlocks the User search field on the Task Search Module.
Incident_IsActive	Secures the Active option on Tasks. This does not affect mass updates through the task manager. Users with the rights to perform mass updates can still mark a task as Inactive by completing and archiving the task.	View
PricingConsole	At least View rights are required to provide access to Pricing Console.	View
ProfitabilityBreakdown	Allows the user to view the profit information at the bottom of the Pricing Console.	View
QuickEdit	At least Add rights required to provide access to Enhanced Pricing Console Quick Edit Form	Add/Edit/Admin
QuickEdit_ClientModifier	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_CurrentEffectiveCompRate	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_EffectiveCompRate	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_fkCompCodeID	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_FullTimeEmployees	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_GrossPayroll	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_OverrideBAF	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_PartTimeEmployees	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_PayFrequency	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_PremiumDiscount	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_State	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_SUTA	Works like dataform field security	View/Add/Edit/Admin
QuickEdit_SUTARate	Works like dataform field security	View/Add/Edit/Admin
SurchargeType_ClientSetup	SecEntity associated with ClientSetup Surcharge Type.
tblContact_IsActive	Security on the Contact table	View/Add/Edit
tblOrganization_IsActive	Security on the Organization table	View/Add/Edit
template_templatename_member	Template security (replacing TemplateName with the actual name of the associated template). Allows a user to create workspaces for this template.
{TableName}_$Attachment	Security entity used to secure the Dataform Attachment Action item	View/Add/Edit/Admin
CRM_$Attachment	Security entity used to secure the Organization and Contact attachment Action item	View/Add/Edit/Admin
Incident_$Attachment	Security entity used to secure the Task Attachment Action item	View/Add/Edit/Admin
TimeTracker	Security entity used to secure Time Tracker module records. Note: By default, this security entity is added to the EVERYONE role with View, Add, and Edit rights set. This allows users to view/edit and add their own Time Tracker records. Assigning View only access still allows users to edit their own Time Tracker records. Delete rights can be added to a non-admin user to allow them to delete their own Time Tracker records. The ability to View, Add, Edit and Delete Time Tracker records of ALL users requires Admin access. (This does not apply to Global Administrators as they have Admin rights in Time Tracker by default and do not require security entity assignment.)	View/Add/Edit/Admin
UnderwriterApprView	Allows user access to all Approval records. (NOT real-time – only applies when the Approval is created.)	View/Add/Edit/Admin

biz_ClientDistressCallOwner

Used to configure a user as the owner on distress calls.

biz_ClientServiceCase_Email_Notifications

Enables a user to receive email messages from the nightly CSC notification process.

View

biz_clientservicecase_massupdate

Controls access to the Mass Update button on the Case Search dashboard

biz_ClientServiceCase_QuickCase

Controls access to the Quick Case button on the Cases (Cases 2.0) dashboard.

Add

biz_clientservicecase_subscriptions

Allows access to the Case Type Subscriptions link on the user profile.

biz_clientteam_massupdate

Controls access to the Mass Update button on the Team Search dashboard

biz_CommissionDetail_SalesEntity

Add/Edit

biz_crm_show_snapshot

Allows the user to see the Client Snapshot if they have access to the workspace

View

biz_EditAdmin_After_Submit

Allows the user to edit the following fields in the Admin Fees and Taxes and Other Fees fieldsets of a Pricing Batch record on the Pricing Console until Pricing is Locked:

Admin Fees

Override Billing For This Batch
Pricing Method
Admin%
Per Head Fee (annl)
Per Head Fee (mth)
Per Check Fee
First Check Supplement
Per Invoice
Flat Fee (monthly)
Minimum Admin Per Head
Minimum Admin Per Account

Taxes and Other Fees

Billing Client Modifier

Note: Edit access to the Pricing Batch form (gen_PricingBatch) is also required to activate this security role entity.

View

biz_EditSurcharge_After_Submit

Assigning either View OR Admin rights allows a user with appropriate rights to the Surcharges form to edit the values in the Surcharge Type, Quantity, and Surcharge Amt fields and access the Override Surcharge Amt checkbox after pricing is submitted and until pricing is locked. Once pricing is locked, the system does not allow a user to edit the fields.

Note:

The entity is supplemental and will not override form-level security provided by the gen_Surcharges entity. It will also not override any field-level security on individual pricing fields. Any user who is not in a role that allows them general access to view and edit the Surcharges form (as well as access to view and edit any individually secured pricing fields on the Surcharges form) will not be granted access by the biz_EditSurcharge_After_Submit entity to edit surcharge pricing fields after pricing is submitted.
By default, Global Administrators can edit the Surcharge record pricing fields up until pricing is locked without this entity assigned.

See Creating Pricing.

View/Admin

biz_EditSUTA_After_Submit

Allows the user to edit the value in the SUTA Bill Rate field until Pricing is Locked. Once Pricing is Locked, the system does not allow a user to edit the SUTA Bill Rate. See Creating Pricing.

View

biz_EditWC_After_Submit

Allows the user to edit the value in the pricing state WC Discount and Client Modifier fields, and also override the pricing code Net Comp Rate field until Pricing is locked. Once Pricing is Locked, the system does not allow a user to edit these fields.

View

biz_pricing_batch_can_override_admin_percent

Used in Pricing Batch business rule HE_ValidateAdminPercentage which fires when a user tries to enter an Admin Percentage lower than the Default Admin Percentage. Having this entity allows the user to bypass this validation.

biz_pricing_batch_multibatch

Enables use of multiple comparison batches

biz_pricing_code_can_view_header

View

biz_pricing_state_can_override_premium_discount

biz_pricing_submitted_batch

Users with View rights to this entity can edit pricing fields when the Batch is in Submitted and Underwriting status. Otherwise, the pricing fields can only be edited when the Batch is in New status.

View

biz_pricingconsole_canchangeuser

Users allowed to change pricing console user filter

biz_pricingconsole_breakdown

User allowed to see the pricing breakdown matrix at the bottom of the pricing console and in the pricing widget on the workspace landing page.

Note: By default, Global Admin users cannot view the pricing breakdown matrix at the bottom of the pricing console. Add this entity to the Global Administrator role or another role to which the user is a member so that Global Admin users can view the pricing matrix.

View

biz_pricingconsole_add_statecodes_activatedstatus

Controls access to the Add State & Code button on the Pricing Console. When the status of the Pricing Batch is Activated, you can secure the button so that only certain user roles can perform the action.

Add

biz_surcharge_can_view_header

View

biz_surcharges_clientsetup

SecEntity associated with Client Setup Field access on the Pricing Console.

biz_view_pc_gp_after_commissions

Allow visibility to Pricing Console Gross Profit After Commissions

View

biz_workflow_benefitbenefitplan_activate

Controls access to the Company Benefits Plan workflow link - activate

View

biz_workflow_benefitbenefitplan_expire

Controls access to the Company Benefits Plan workflow link - expire

View

biz_workflow_benefitbenefitplan_pending

Controls access to the Company Benefits Plan workflow link - set to pending

View

biz_workflow_benefitbenefitplan_reject

Controls access to the Company Benefits Plan workflow link - reject

View

biz_workflow_benefitbenefitplan_select

Controls access to the Company Benefits Plan workflow link - select

View

biz_workflow_benefitplan_activate

Controls access to the Administrative Benefits Plan workflow link - activate

View

biz_workflow_benefitplan_cancel

Controls access to the Administrative Benefits Plan workflow link - cancel

View

biz_workflow_benefitplan_expire

Controls access to the Administrative Benefits Plan workflow link - expire

View

biz_workflow_benefitplan_pending

Controls access to the Administrative Benefits Plan workflow link - pending

View

biz_workflow_benefitplan_renew

Controls access to the Administrative Benefits Plan workflow link - renew

View

biz_workflow_cm_accept

Controls access to Client Master pricing workflow link - accept

Edit

biz_workflow_cm_activate

Controls access to Client Master pricing workflow link - activate

Edit

biz_workflow_cm_activate_future

Controls access to Client Master pricing workflow link - activate future (based on activation date)

Edit

biz_workflow_cm_activate_now

Controls access to Client Master pricing workflow link - activate now

Edit

biz_workflow_cm_approve

Controls access to Client Master pricing workflow link - approve

Edit

biz_workflow_cm_clone

Controls access to Client Master pricing workflow link - clone (pricing batch)

Edit

biz_workflow_cm_contract_signed

Controls access to Client Master pricing workflow link - contract signed

Edit

biz_workflow_cm_create_batch

Controls access to Client Master pricing workflow link -

Edit

biz_workflow_cm_decline

Controls access to Client Master pricing workflow link - decline an existing batch

Edit

biz_workflow_cm_expire

Controls access to Client Master pricing workflow link - expire an existing batch

Edit

biz_workflow_cm_kill

Controls access to Client Master pricing workflow link - kill an existing batch

Edit

biz_workflow_cm_reactivate

Allows the reactivation of RFPs that were set to Dead

Edit

biz_workflow_cm_reinstate

Allows you to re-instate a terminated client

Edit

biz_workflow_cm_reprocess

Allows you to re-process a batch, sets it back to pre-submit

Edit

biz_workflow_cm_submit

Allows you to submit a batch from the Client Master header link

Edit

biz_workflow_cm_terminate

Allows you to Terminate a client from the Client Master Header link (moves client to Pending Termination Status)

Edit

biz_workflow_coi_approve

Allows access to the Approve link on Certificate of Insurance

View

biz_workflow_coi_cancel

Allows access to the Cancel link on Certificate of Insurance

View

biz_workflow_coi_expire

Allows access to the Expire link on Certificate of Insurance

View

biz_workflow_coi_issue

Allows access to the Issue link on Certificate of Insurance

View

biz_workflow_employeebenefits_renew

Controls access to the Renew Link on the EmployeeBenefits dataform

View

biz_workflow_pb_accept

Controls access to the Pricing Batch workflow link - accept

Edit

biz_workflow_pb_activate

Controls access to the Pricing Batch workflow link - activate

Edit

biz_workflow_pb_activate_future

Controls access to the Pricing Batch workflow link - activate future - based on activation date

Edit

biz_workflow_pb_approve

Controls access to the Pricing Batch workflow link - approve

Edit

biz_workflow_pb_clone

Controls access to the Pricing Batch workflow link - clone

Edit

biz_workflow_pb_decline

Controls access to the Pricing Batch workflow link - decline

Edit

biz_workflow_pb_kill

Controls access to the Pricing Batch workflow link - kill

Edit

biz_workflow_pb_submit

Controls access to the Pricing Batch workflow link - submit

Edit

biz_workflow_pc_activate

Controls access to the Pricing Code workflow link - activate

Edit

biz_workflow_pc_decline

Controls access to the Pricing Code workflow link - decline

Edit

biz_workflow_policy_sendcoi

Controls access to the Workers' Comp Policy action link to send certificates of insurance

View

biz_workflow_ps_activate

Controls access to the Pricing State workflow link - activate

Edit

biz_workflow_ps_approve

Controls access to the Pricing State workflow link - approve

Edit

biz_workflow_ps_decline

Controls access to the Pricing State workflow link - decline

Edit

biz_workflow_ps_kill

Controls access to the Pricing State workflow link - kill

Edit

biz_workflow_ps_submit

Controls access to the Pricing State workflow link - submit

Edit

BusinessIntelligenceModule

Controls whether the Delete button is present for non-administrator and developer users on the Business Intelligence User dashboard module.

Note: By default, this security entity is added to the EVERYONE role with View, Add, Edit and Delete access set. However, Add rights still require the User Details Reporting Profile assignment to have the Allow Report Creation flag checked.

View/Add/Edit/Delete

CRM_CanSaveDuplicates

Controls whether a CRM user can save a duplicate organization or must request review

View

gen_dataformname

Dataform security

View/Add/Edit/Admin

gen_dataformName_field

Dataform Field security

View/Add/Edit/Admin

gen_DiscussionMessage

Security entity used to control access to the Case Discussion and Case Attachments dataforms.

Note: By default, this security entity is added to the EVERYONE role with View, Add, and Edit access set.

View/Add/Edit/Delete/Admin

gen_Surcharges

Security entity used to control access to the Pricing Console Surcharges section.

Note: By default, Global Administrators can delete surcharges. Other users requiring access to delete surcharges must be assigned the gen_surcharges Delete rights. If a surcharge type is secured, they will also need Delete rights to the entity for that surcharge type.

View/Add/Edit/Delete/Admin

Incident

Allows the user to view, add, and edit tasks. This entity is present by default PEO Employee Role) with View/Add/Edit rights.

View/Add/Edit

Incident_Can_Add_Without_Dataform

Allows the user to view, add, and edit tasks. You can use the Add button on Task Manager dashboards and the plus (+ ) icon on the Task Manager widget. A workplace selector displays with both options.

View/Add/Edit

Incident_AllowTaskMaintance

Allows the User to edit a Task even when they are not the user indicated as Owner, Assigned To, Creator, or listed in the Subscribe panel.

Incident_Fieldname

Controls field-specific security on the task - not configurable

View/Add/Edit

Incident_Dash_CanViewAllUsers

Unlocks the User search field on the Task Search Module.

Incident_IsActive

Secures the Active option on Tasks. This does not affect mass updates through the task manager. Users with the rights to perform mass updates can still mark a task as Inactive by completing and archiving the task.

View

PricingConsole

At least View rights are required to provide access to Pricing Console.

View

ProfitabilityBreakdown

Allows the user to view the profit information at the bottom of the Pricing Console.

View

QuickEdit

At least Add rights required to provide access to Enhanced Pricing Console Quick Edit Form

Add/Edit/Admin

QuickEdit_ClientModifier