MFA (Multi Factor Authentication) Feature
We have added an even higher level of security available to all clients called Multi Factor Authentication (MFA).
Before we advise more details of this amazing iinsight solution (further below) it is reassuring to know how iinsight is already helping you to comply with GDPR (EU) and Privacy Amendment Act 2017 (AUS) and prevention of data breaches will be further enforced when using Multi Factor Authentication (MFA):
Data breach – How iinsight® helps you comply with GDPR (EU) and Privacy Amendment Act 2017 (AUS)
There is a global reinforcement and accountability on organisations data protection obligations which have included European Union and Australia updating their legislations respectively, GDPR and Privacy Amendment Act 2017, is to include an obligation on companies to notify individuals and governing authorities when personal information involved in a data breach is likely to result in serious harm.
Prevention is the Key
A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.
Today, simple use of passwords, tokens, or biometrics is not enough to prevent unauthorized access. Instead, Multi-Factor Authentication (MFA) is one of the most effective controls an organisation can implement to prevent an adversary from gaining access to a device or network and accessing sensitive information, therefore its implementation is recommended by ACSC (the Australian Cyber Security Centre) and ENISA (the European Union Agency for Network and Information Security).
To help organisations comply with the new legislations, focus on strong privacy governance and encourage good practice, iinsight® will now be supporting Multi Factor Authentication (MFA). This will help your organisation prevent issues, such as health records been stolen or compromised, due to users sharing passwords, having predictable passwords etc…
The transition from single password to MFA will be done in 2 steps to enable organisations to update their Access Control Policies and Procedures accordingly.
iinsight® Solution: MFA – via Google Authenticator App
This multi-factor authentication method uses a time-limited one-time 6-digit PIN provided via the Google authenticator mobile app as a second authentication factor. When the users enrol, they scan a QR code so that a one-time PIN can be provided to them after registering their mobile phone with the iinsight application.
During the logon process the google authenticator app provides the users with a one-time 6-digit PIN in order to complete the authentication process. The users then provide this information to the iinsight login service, which verifies the credentials of that user and grants or denies access to the iinsight resources. The expiry time of the one-time PIN generated via the google authenticator app is set to renew every 60 seconds.
Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) - For more information, see www.oaic.gov.au/ndb
GDPR Art 33 Data Breaches - For more information, see https://gdpr-info.eu/art-33-gdpr/
We would like our clients to jump on board and take advantage of this higher level of security and start using MFA, this will also help you to be familiar with this method before at some point (yet to be announced) this authentication method will be mandatory.
Enabling MFA
To enable MFA for your organisation, you need to go to Options/Security/Multi Factor Authentication tab (as below) and Enable:
Then download the ‘Google Authenticator’ App for Android or Apple as appropriate:
When clients have enabled MFA for their Company, they will be presented with the following login to iinsight (the MFA code is generated from the Google Authenticator App on your phone):
Once you have enabled MFA for your Company all your staff will be using MFA by default, however, if for example, somebody loses their phone, their Manager/Administrator can temporarily disable the MFA method for that particular user in Admin/Manage Users/User Details/Untick ‘User is using MFA method’ option as below (the user will then need to scan the bar code to their new device/mobile when they have one):
Password and Username Policy
Username must be email formats
The system is to enforce that all usernames must be email formats. We have some users who have been creating usernames that are not in valid email formats – e.g. they were just creating single names - this will no longer be allowed.
Enforce Password History policy
The Enforce Password History policy will set how often an old password can be reused. It will be implemented with a minimum and default value of 10 previous passwords remembered. Organisations will be able to select a value from 10 through to 25 passwords remembered.
Minimum Password Age policy
This policy determines how long users must keep a password before they can change it. The minimum age should be set from one to seven days with a default of three days.
Maximum Password Age policy
The Maximum Password Age policy determines how long users can keep a password before they are required to change it. The value should range from 90 days to 180 days with a default of 120days. Users will be able to select from a drop-down box where they can select their organisations desired value with 10-day increments. e.g. 90 – 100 – 110 etc.
Passwords Must Meet Complexity Requirements policy
Passwords need to be strong.
Email Notifications
Create e-mail notifications prior to password expiry to remind your users when it’s time to change their passwords before they actually expire.
New iinsight Templates Variable ‘Total Costs to Date’
We have created a brand new iinsight Templates Variable called ‘Total Costs to Date’.
This links to the Total dollar cost in the costs tab for Activities/Items.
You will firstly need to uninstall the previous version you have of iinsight Templates via your Control Panel (or Repair the current version):
Then install the latest version of the iinsight Templates which is available under the help icon:
Once installed the new variable will display in the iinsight Templates App (as below):
The ‘Total costs to date’ variable links to the Total Charges of Activities and Items in the Costs Tab for any given case as per the below example:
Please see the below example of a document used in the relevant case from the previous screenshot:
Service Contract field added to Finance Menu/Invoices Tab
The Service Contract field has been added to the Finance Menu/Invoices Tab:
IINSIGHT to allow linking to multiple Xero databases
Previously IINSIGHT only allowed communication with a single Xero platform, however, now iinsight allows linking to multiple instances of Xero.
IINSIGHT will Allow users to select “All” Business Divisions and assign a single Xero OAuth Credential to this. (If users choose the same Consumer Key and Consumer Secret key for multiple Business Divisions then all invoices etc from these Business Divisions will map to the one Xero account):
New option to include Letter heads on “Payments” in the same way that we do with “Invoices”
There is a new drop-down menu in the Charges menu/Service Contracts/Options tab (above the “Invoice Letterhead” drop down field) called “Also apply to payments.”
If this checkbox is ticked then whichever Invoice Letterhead is selected for a Service Contract will be applied to both an Invoice and a Payment when they are printed:
New Column in the Finance Menu/Costs Tab called ‘Date Invoiced’
There is a new Column in the Finance Menu/Costs Tab called ‘Date Invoiced’ and we have also renamed the existing “Date" field to "Date Created" so the two type of dates are clearly understood.
IINSIGHT Menus User Interface Changes
The iinsight menus that used to automatically display on the left-hand side of iinsight are now hidden until you select the menu button as marked with an arrow below, this gives you a better view and maximises your space:
Managing Profiles Feature
Previously after you had created a user permissions profile such as ‘Consultant’, ‘Administrator’ or ‘Management’ for example, if you then wanted to add or remove any more permissions you had to do this individually for every user that had that particular profile.
Now there is a very useful and time saving feature that lets you add or remove whichever permissions you desire to the profile itself and you can then apply this to all users who have that profile at the same time.
If you go to Admin/Manage Profiles as below:
If you then choose a Profile name you wish to modify permissions for, as per the below example:
Then go the Permissions Tab and remove or add any desired permission/s such as remove ‘Can Modify Costs’ permission for example, then Click Next as below:
You will then be presented with a list of all your users who currently have that particular Profile applied to their login and you can choose whether you wish for the full list of users to have that permission amended or just some of the users:
Most likely you will wish for the full list of users currently with that Profile to have the permission/s amended accordingly and if so it will take effect as soon as you save it, however, if one or more users are not selected, it is important to know that the users omitted will have their Profile name changed to ‘Custom Profile’ as they will no longer be using the same Profile as the other users that were selected.
Also, any users that are currently using the system without using any Profile will have a Profile automatically applied called ‘Custom Profile’ by default.
IINSIGHT LanternPay Integration
LanternPay is an open cloud-based claim payment platform designed to standardise claim payments across the health, care, disability, insurance and ageing sectors.
With a few easy clicks on the web, in our mobile/tablet apps, or through seamless partner integration, our smart technology brings simple, instant invoicing, claiming and payment options for providers, approvers and programs to the point of service – ultimately enabling better outcomes for Australians who receive support funding.
IINSIGHT LanternPay Integration is now available.
LanternPay is a claim payments platform that offers a single, simple process for service providers to claim and get paid by the following bodies:
The Transport Accident Commission (VIC)
The Lifetime Support Authority (SA)
NDIS plan managers.
LanternPay makes claiming quick and simple, reducing effort, uncertainty and payment delays when serving program funded participants.
Confirm participant eligibility instantly.
Easily submit digital invoices from your choice of device and business interface system.
Enjoy real-time visibility of claims status and approvals.
Have certainty you’ll get paid fast for approved invoices.
Reconcile payments quickly and easily with digital remittances.
View claim and contract history in one place.
To find out more, visit lanternpay.com/providers
The Key benefits of iinsight LanternPay Integration are as below:
Reduced double data entry and associated administrative costs.
Automatic synchronisation of invoices from iinsight® to LanternPay.
Automatic synchronisation of payments from LanternPay to iinsight®.
Free ongoing upgrades to the latest version of the iinsight® - LanternPay connector.
Keep track of all transactions via dashboards, periodic messaging and daily reports.
Setup Part 1
Using LanternPay’s API we can read and write information to have both systems iinsight and LanternPay) always synchronised.
Step1. When client has signed a contract with iinsight, they will have this checkbox enabled:
1.- Go to Options
2.- Select Financial Settings Tab
3.- Select LanternPay Tab
At that point the client will be enabled to add the information to connect to LanternPay API. Users will need to log into LanternPay create an account and Generate your PMS Keys. LanternPay will provide a file like this one:
With the information obtained from your account, please add to the following:
1.- Enable by Click on the checkbox Enable Lantern Pay Connector
2.- Insert the information into the Fields as show.
3.- Click on Check Credentials button, you will get the following message.
4.- If the information has been added Successfully, please click Save button to complete the process, if is invalid, please review the information inserted on Step 2 and click again Check Credentials and if have success, click Save button.
Setup Part 2
After setting up the information on Financial Settings, you need to enable LanternPay on every Service Contract that will be used.
Steps required:
1.- Go to Charges and then Service Contract.
2.- Select the Service Contract and on the right side on Options Tab, select LanternPay – TAC.
Information on Cases required for LanternPay.
For the Sync between iinsight and LanternPay the following information is needed to be entered on the required cases:
Date of Birth (DOB) from the Case List/Client Tab:
Claim Number from the Case List/Case Tab:
Sync with LanternPay and iinsight
When an invoice is created, this will synch automatically with LanternPay and the user will able to see the success and fail sync on the Case List/Accounts Menu and Finance Menu.
E-mail notifications
In Admin/Manage Groups (this group is created when LanternPay is enabled in the dashboard and you manually add users to this group):
The email to this group every 24 hrs will include all transactions that have gone to LanternPay and show the successful and failed transactions.
We have created some LanternPay related fields in Admin/Manage Users/User Details called ‘Provider Registration Number’ and ‘Medicare Provider Number’ where the consultant enters their details:
We have also created a new Invoice Template variable called ‘Consultant.Medicare’ which links to the Medicare Provider number field.
New Filter Added to the Case List Report called Diagnosed Injury
There is a new Report filter available for the Case List Report called Diagnosed Injury, this new filter will be placed under the ‘Nature of Injury’ filter and above the ‘Requirements’ filter, (as per the below screenshot):
We already have a reporting filter called ‘Nature of Injury’, in the Case List Report and we also wanted to introduce another filter called ‘Diagnosed Injury’ that will use the Diagnosed Injury value from the Case List/Client tab. From a usability perspective this will operate in exactly the same way as ‘Nature of Injury’ but just use the ‘Diagnosed Injury value’ as a report filter as well.
Plans/Programs Total Sum Plans Improvements
We have made some user-friendly improvements to the below Plans (Service Based Plans remain the same):
Total Sum Monetary Based
Total Sum Time Based
Charge Code Monetary Based
Charge Code Time Based
You can now enter the entire budget for of any of the 4 above plans at the top of the ‘Plan Edit Window’ by selecting the ‘Edit Amount’ Check Box (as per the below example marked with arrows) :
Please note: If the entire Plan budget is entered at the top of the Plan Edit Window (the amount column in the below Activities/Items will display as $0.00: (but the ‘Amount to Date’ will update as you add Billings)
The other choice you have is that instead of adding the entire ‘Plan Budget’ at the top of the ‘Plan Edit Window’ – you can add the amounts individually against the ‘Activities/Items ‘and the ‘Plan Edit Window’ Amount will update as you do so:
3 new ‘Sort by’ field filters added to the Quicklinks/Invoice Wizard
We wanted to introduce 3 new ‘Sort By’ filters underneath the ‘Invoice Date’ when using the Quicklinks/Invoice Wizard - this will allow users to choose how they wish their invoices to be sorted when they are created and made available for printing.
The 3 new ‘Sort by’ field filters are as below:
Invoice Number
Client Name
Bill to Name
NDIS Bulk File Report has a new ‘Optional’ Sort by Filter ‘Claim Reference’
The NDIS Bulk File Report has a new ‘Optional’ ‘Sort by Filter’ called ‘Claim Reference’ which some clients have requested.