Policies
Policies are the actual actions that can be performed within the system.
They act as fine-grained permissions that control what actions a user, device, or application can take, and what data they can access.
Policy View
The Policies view in the Admin Portal is where system administrators can see and manage the rules that govern actions and data access within the system.
What Policies Are & Why They Matter
Policies define what actions a user (or group) is allowed to do and which data they can see or modify. They help enforce security, privacy, and business rules consistently across the system.
Policies are often attached to Groups, and then groups are assigned to Users. This means a policy assigned to a group will apply to everyone or everything in that group.
Generally
Policies represent specific actions or rights (for example, “read patient data” or “alter system configuration”).
Policies enforce security, privacy, and business rules consistently across the system.
Policies can be assigned to:
Groups → Users inherit policies through their group memberships.
Devices → Policies can be directly assigned to a device identity.
Applications → Policies can be directly assigned to an application identity.
This layered model keeps access control consistent while allowing flexibility.
Default Policies
To see the collection of Default Policies, please se the Default Policies Page
Everyday Use
For most technical staff, it is enough to know that policies exist and are applied through groups, devices, and applications:
You normally do not need to create new policies.
The built-in policies provided by the system are sufficient for almost all use cases.
To grant or restrict access:
Add a user to a group that has the correct policies.
Assign policies directly to a device or application if needed.
What You Can Do in the Policies View
List / View Policies: See all existing policies (system and custom).
View Details: Inspect policy identifiers (UUID, OID, name, handler, etc.).
Advanced Use
Create New Policies (non-system): Add action or data policies.
Delete Policies: Remove policies that are not system-defined.
Table Columns
When inspecting the Policy Table, the list of columns displayed are listed below:
OID
Object Identifier used in policy inheritance (child OIDs derive from parent).
Policy Name
A readable short name for the policy.
Status
Indicator of Status or Custom
Last Update
Indicates the last date and time this policy was updated
Actions
A collection of controls to manage the selected policy
(e.g. View, Delete)
How to Use Policies (Basic Use)
🚧To list and view policies within the system, please follow the steps below:
View Policies In the Admin Portal, navigate to Security → Policies. The list of policies will display.
Viewing or Editing a Policy
To view or edit a policy, please see the Policy View/Edit Page
Advanced: Custom Policies and Policy Handlers
Creating new policies are typically for Developers Only
If you need a policy that the built-in options don’t support, you can provide a C# handler which implements the logic of that policy. However, because the ICDR (server component) must compile with that handler, this is an advanced maneuver and normally done by developers.
Creating Custom Policies
Although it is possible to create custom policies using C# handlers (with compilation required for the ICDR), this is an advanced operation and is rarely needed in everyday use. For most deployments, the built-in policies suffice.
If you do need to create or modify policies, refer to the official SanteSuite docs:
Retention Policies (for data lifespan / persistence policies)
Last updated