Skip to main content

Administrator Guide

Complete guide for clinic administrators and system managers

Overview

As an administrator, you have full access to all Turtle RCM features plus:

  • User management (create, edit, deactivate users)
  • System configuration
  • Audit logs and compliance reports
  • Billing rules management
  • AI service configuration

This guide covers admin-specific features.

User Management

Creating New Users

1. Go to User Management

  • Click "Admin" in sidebar
  • Or Dashboard → "User Management" quick action

2. Click "Add New User"

3. Fill Required Fields:

  • Username: Unique across all clinics (email or custom)
  • Email: For notifications (Phase 2)
  • Full Name: Display name
  • Role: Admin, Doctor, or Biller
  • Temporary Password: User will change on first login

4. Save User

  • System creates user in registry
  • User can log in immediately
  • Prompt to change password on first login

User Roles Explained

Admin:

  • Full access to everything
  • User management
  • System configuration
  • All clinical and billing features
  • Reports and analytics
  • Audit logs

Doctor (Clinician):

  • Patient intake and management
  • Scheduling
  • Session documentation
  • View claims (read-only)
  • Cannot submit claims
  • Cannot manage users

Biller:

  • Limited patient info (demographics, insurance)
  • Claims creation and submission
  • Prior authorization
  • Denial management
  • Reports
  • Cannot access full clinical notes
  • Cannot manage users

Editing Users

1. Find user in list 2. Click "Edit" button 3. Modify:

  • Name
  • Email
  • Role
  • Reset password (if user locked out)
  1. Save changes

Deactivating Users

When employee leaves:

  1. Find user in list
  2. Click "Deactivate"
  3. Confirm
  4. User immediately logged out
  5. Cannot log in again
  6. Historical data preserved

HIPAA requirement: Deactivate within 24 hours of termination.

Viewing Audit Logs

1. Go to User Management 2. Click user name 3. View "Activity Log" tab

Shows:

  • Login times
  • Pages accessed
  • Patients viewed
  • Claims created/submitted
  • Configuration changes

Retention: 6 years (HIPAA requirement)

System Configuration

Clinic Settings

1. Go to Admin Panel 2. Click "Clinic Settings"

Configure:

  • Clinic name: Display name
  • Address: Physical location
  • NPI: National Provider Identifier
  • Tax ID: EIN for billing
  • Phone/Fax: Contact information

Provider Settings

Add new provider:

  1. User Management → "Providers"
  2. Add provider with NPI
  3. Link to user account (if they log in)
  4. Set availability/schedule

Provider information used for:

  • Claims (rendering provider)
  • Prior authorization requests
  • FHIR data exchange

Payer Configuration

Add insurance companies:

  1. Admin Panel → "Payers"
  2. Click "Add Payer"
  3. Enter:
    • Payer name (e.g., "Aetna")
    • Payer ID (from payer)
    • FHIR endpoints (CRD, DTR, PAS)
    • Submission method (FHIR, clearinghouse, paper)
  4. Save

System uses payer configuration for:

  • Eligibility checks
  • Prior authorization
  • Claim submission
  • Rules engine queries

Visit Type Management

Custom visit types:

  1. Admin Panel → "Visit Types"
  2. Add new visit type:
    • Name (shown in scheduler)
    • Default duration
    • CPT code (for billing)
    • Telehealth eligible (yes/no)
  3. Save

Examples:

  • "Initial Assessment - 90 min"
  • "Medication Follow-up - 15 min"
  • "Group Therapy - 90 min"
  • "Family Session - 60 min"

AI Service Management

(Admin only - requires technical knowledge)

AI Features Control

1. Go to AI Management

  • Click "AI Services" in sidebar

2. Configure each AI feature:

Speech-to-Text:

  • Enable/disable per user or globally
  • Set preferred language
  • Configure medical vocabulary hints

Code Suggestions:

  • Enable/disable
  • Set confidence threshold (show only high-confidence suggestions)
  • Review override patterns (where AI is consistently wrong)

Denial Prediction:

  • Enable/disable
  • Set risk threshold (what % triggers warning)
  • Review prediction accuracy
  • Add custom risk factors

Appeals Generation:

  • Enable/disable
  • Set tone (professional, assertive, etc.)
  • Customize templates

Model Performance Monitoring

Track AI accuracy:

  • Code suggestions: % accepted vs. overridden
  • Denial prediction: % of flagged claims actually denied
  • Appeals: % of AI-drafted appeals that succeeded

Monthly model updates:

  • System retrains models with new data
  • Notification shown in AI Management
  • Can rollback to previous model if accuracy drops

Safe Harbor Access

(Technical admin only)

View de-identification status:

  • Which data has been de-identified
  • Last update timestamp
  • Data volume sent to training database
  • Verification that all 18 HIPAA identifiers removed

Audit Safe Harbor access:

  • Who accessed training data
  • When
  • For what purpose
  • Compliance verification

Billing Rules Management

(Admin only)

Rules Engine Configuration

1. Go to Billing Rules

  • Click "Billing Rules" in sidebar

2. View active rules:

  • By payer
  • By state
  • By CPT code

3. Configure data sources:

  • Which payer manuals to monitor
  • Update frequency
  • Alert on changes

Adding Custom Rules

For clinic-specific policies:

  1. Click "Add Custom Rule"
  2. Define conditions:
    • Payer
    • CPT code
    • Diagnosis
    • State
  3. Set action:
    • Require prior auth
    • Add modifier
    • Use specific POS code
    • Alert biller
  4. Save rule

Use cases:

  • Clinic participates in special programs
  • Payer has verbal agreement not in written policy
  • Internal compliance requirements

Monitoring Policy Updates

Automatic checks:

  • System monitors payer websites for changes
  • Alerts admin when policy update detected
  • Can review old vs. new policy
  • Approve for inclusion in rules engine

Reporting & Analytics

Dashboard Overview

Admin dashboard shows:

  • Active users
  • Recent activity
  • Pending claims
  • Authorization expiration alerts
  • System health
  • Upcoming appointments

Compliance Reports

HIPAA-required reports:

Audit Log Report:

  • All user activity
  • Export for compliance review
  • 6-year retention

Access Report:

  • Who accessed which patient records
  • Unusual access patterns
  • After-hours access
  • Potential security issues

Breach Assessment:

  • Unauthorized access attempts
  • Failed logins by user
  • Account lockouts
  • Suspicious activity

Business Reports

Financial:

  • Revenue by period
  • Revenue by provider
  • Revenue by payer
  • A/R aging

Operational:

  • Productivity (sessions per provider)
  • No-show rates
  • Authorization utilization
  • Capacity planning

Clinical:

  • Patient census
  • Diagnosis mix
  • Treatment modalities used
  • Outcomes tracking (assessment score trends)

Custom Reports

Build your own:

  1. Reports → "Custom Report Builder"
  2. Select data source (patients, claims, sessions)
  3. Choose fields to include
  4. Set filters
  5. Group/sort as needed
  6. Save for reuse

Data Management

Backup & Recovery

Automated backups:

  • Daily incremental
  • Weekly full
  • 30-day retention on-site
  • 1-year retention off-site

Manual backup:

  1. Admin Panel → "Backup"
  2. Click "Create Backup Now"
  3. Download when ready

Restore from backup:

  • Contact Turtle RCM support
  • Specify date to restore to
  • Downtime required (2-4 hours)
  • Test in staging environment first

Data Export

Export all clinic data:

  1. Admin Panel → "Export Data"
  2. Select format:
    • CSV: Spreadsheet-compatible
    • JSON: For developers
    • FHIR Bundle: For EHR migration
  3. Select date range
  4. Click "Export"
  5. Download encrypted ZIP file

Uses:

  • Switching to different EHR
  • Custom analysis
  • Compliance audits
  • Archival

Data Import

Import from previous system:

  1. Prepare data (CSV or FHIR format)
  2. Admin Panel → "Import Data"
  3. Upload file
  4. Map fields (which column = what)
  5. Validate (system checks for errors)
  6. Review conflicts/duplicates
  7. Confirm import

Supported formats:

  • CSV (patients, appointments, claims)
  • FHIR Bundle (full data import)
  • X12 837 (claims)

Security Management

User Access Control

Review user access:

  • Who has access to what
  • Last login time
  • Active sessions
  • Suspicious activity

Access reviews:

  • Monthly: Check for inactive users
  • Quarterly: Verify roles still appropriate
  • Annually: Full access audit

Failed Login Monitoring

Track security events:

  • Failed login attempts
  • Account lockouts
  • Password changes
  • After-hours access

Alerts (Phase 2):

  • Multiple failed logins (possible attack)
  • Unusual access patterns
  • Access from new location/device

Incident Response

If security incident suspected:

1. Immediate actions:

  • Change affected user password
  • Review audit logs
  • Document what happened
  • Preserve evidence

2. Assessment:

  • What data was accessed?
  • Was it unauthorized?
  • How many patients affected?
  • Is notification required?

3. Notification (if breach):

  • < 500 patients: Notify within 60 days
  • ≥ 500 patients: Notify HHS + media within 60 days
  • Contact Turtle RCM support for assistance

4. Remediation:

  • Fix vulnerability
  • Additional training
  • Enhanced monitoring
  • Policy updates

Troubleshooting

User Can't Login

Check:

  • Username correct (case-sensitive)
  • Password correct
  • Not locked out (5 failed attempts = 15 min lockout)
  • User not deactivated

Fix:

  • Reset password via User Management
  • Wait 15 min if locked out
  • Reactivate if deactivated

System Performance Issues

Common causes:

  • Too many concurrent users
  • Large report generation
  • Database needs maintenance
  • Internet connectivity

Solutions:

  • Check system status dashboard
  • Schedule resource-intensive tasks off-hours
  • Contact Turtle RCM support for database optimization

Data Sync Issues

If data appears outdated:

  • Refresh page
  • Clear browser cache
  • Check internet connection
  • Verify not looking at cached data

Best Practices

User Management

DO:

  • Deactivate terminated employees immediately
  • Use strong passwords (enforce with policy)
  • Review audit logs monthly
  • Train users on security
  • Document access policies

DON'T:

  • Share admin accounts
  • Use weak passwords
  • Ignore failed login alerts
  • Let inactive accounts linger
  • Skip access reviews

System Configuration

DO:

  • Document configuration changes
  • Test in staging before production (if available)
  • Keep payer information updated
  • Review AI performance monthly
  • Maintain backup of configuration

DON'T:

  • Change settings without understanding impact
  • Forget to update payer FHIR endpoints
  • Ignore model performance degradation
  • Delete audit logs (6-year retention required)

Data Management

DO:

  • Test backups monthly (restore to staging)
  • Export data quarterly for safety
  • Clean up duplicate records
  • Archive old claims (keep per retention policy)
  • Monitor database size

DON'T:

  • Rely solely on automated backups
  • Delete patient records (archive instead)
  • Import data without validation
  • Skip data quality checks

Phase 2 Features (Coming Soon)

Firebase Integration

Enhanced authentication:

  • Google Sign-In
  • Self-service password reset via email
  • Multi-factor authentication (MFA)
  • Email verification

Setup required:

  • GCP project configuration
  • Firebase console setup
  • Email template customization
  • See FIREBASE_SETUP_GUIDE.md in docs/

Advanced Features

Coming in future releases:

  • Patient portal (patients access own records)
  • Appointment reminders (email/SMS)
  • Online payment processing
  • E-prescribing integration
  • Advanced analytics dashboards
  • Mobile app for providers

Getting Help

Documentation Resources

💡 Need Help?

For questions, support, or feedback:
💬 Join our Discord community (primary forum): discord.gg/SwE7zq8fbF
🐙 GitHub: @ab1nash
💡 Submit feedback through the platform's feedback button

FAQ for Admins

Q: How many users can I add?
A: Unlimited. Per-provider pricing means you can add all staff.

Q: Can I bulk import users?
A: Yes. Use CSV import with username, email, name, role.

Q: How do I change user roles?
A: Edit user → Change role → Save. Takes effect immediately.

Q: Can users have multiple roles?
A: No. One role per user. Create separate accounts if needed (e.g., admin who also does billing).

Q: How do I run compliance reports?
A: Admin Panel → Reports → Compliance. Select report type and date range.

Q: What if I accidentally delete data?
A: Contact support immediately. May be recoverable from backup (within 30 days).

Checklist for New Admins

Week 1

  • Change your temporary password
  • Review audit logs
  • Verify all active users are correct
  • Deactivate any terminated employees
  • Check system configuration (clinic name, NPI, tax ID)
  • Test creating a patient (test data)
  • Test creating a claim (test data)
  • Review AI settings
  • Set up payer information

Month 1

  • Train all users on proper documentation
  • Review billing workflows
  • Check denial rates
  • Optimize AI settings based on feedback
  • Set up regular reporting schedule
  • Document internal procedures
  • Schedule compliance audit

Ongoing

  • Monthly: Review audit logs
  • Monthly: Check user access
  • Monthly: Review denial patterns
  • Quarterly: Full security review
  • Quarterly: AI performance review
  • Annually: Compliance audit
  • As needed: User training refreshers

Next Steps

  • Set up users: Start with User Management section above
  • Configure system: System Configuration section
  • Learn AI features: AI Management
  • Understand security: Security & Compliance
Last updated: November 2025