What can I (the user) do to ensure the content is secure?
1. Keep your Chrome browser up to date. Here is how.
2. Create limited user roles and do not share user logins.
3. Use Two-Factor Authentication
Read how to do this and more on security below.
What does Clinic HQ do to ensure the content is secure?
Read more on this in the Privacy Policy.
Enabling Two Factor Authentication for Logging In
This means that when you log into Clinic HQ, you must enter your email, password, and a 6-digit code. The 6-digit code comes from the Google Authenticator app.
Follow these steps to enable two-factor authentication for your login.
1) Download the Google Authenticator app on your personal cellphone.
Apple: https://apps.apple.com/app/google-authenticator/id388497605
Android: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en_US&gl=US
2) Log into Clinic HQ. Go to Profile >User Preferences
3) Click the ENABLE button next to Two-factor authentication.
The screen will change to show this:
4) Open the Google Authenticator app on your phone and click the + to add a new account.
*Choose to Scan a QR code. *
Your camera should open to scan the QR code displayed on your computer screen. This QR code is unique to your user’s two-factor authentication setup.
5) As soon as the QR code is scanned, your account will be listed. A 6-digit code will be provided. It changes every 15 seconds. Type the 6-digit code into the field and click ENABLE.
6) ALL DONE! Test your two-factor login. Click the Profile button to log out of Clinic HQ. Login – enter your email and password. When you click Log In, it will ask for the 6-digit code. Open your app and enter the current code before it expires. Click the login button again.
User Roles & Anti-Theft Measures
To prevent employee theft, there are two important things you can do: allow only one manager access to remove payments (user roles) and reconcile your bank deposit.
User Roles: Payment removal
In Settings > Users > User Roles, you can create a role like “Accounting Admin,” enable all privileges, including the ability to remove payments and assign only one person to this role. This means that if a payment needs to be removed, staff will need to ask the manager with this privilege to remove the payment. Then assign other roles to others in the organization.
Consider which of these specific roles everyday users should have access to:
Reconciling Bank Deposits
At the end of each day, you should run the reconciliation report and count what you have in the cash drawer plus your credit card receipts to make sure everything balances out. Then put the following protocols in place:
- A manager should print the recon report and initial next to the totals to confirm everything is balanced at the end of the day.
- Then fill out a bank deposit slip for the same amounts.
- Photocopy the slip and attach it to the printed recon pages, and put it in a three-ring binder.
- Paperclip the bank deposit slip and money together and store it in an appropriate place until a manager is ready to make the bank deposit.
- Manager makes the deposit and gets the receipt from the bank, then attaches the receipt of the same deposit amount to the recon slip copy bundle.
- For each deposit, there should be a print of the recon report, a photocopied deposit slip, and ultimately a bank receipt of that deposit.
- Every month, the accounts person should go in and pull up the deposits via the bank software and again confirm the amounts deposited.
