HISP Rwanda LogoHISP Rwanda
Administration Overview

User Management

User accounts determine who can enter data, verify reports, or configure settings. Well-managed accounts protect information and clarify responsibilities across the program. This guide covers account creation, maintenance, security practices, and troubleshooting tips.

Why user management matters

  • Assigns roles and facility links to each individual, ensuring access matches responsibilities.
  • Removing inactive accounts improves security and keeps audit trails clean.
  • Changes in DHIS2 propagate to the dashboard automatically, but local configuration ensures accurate role mapping.

Components of a user record

  • Full name and username – Pulled from DHIS2 to maintain consistency across systems.
  • Email and phone number – Contact channels for notifications or support.
  • Role assignments – Define what the user can see and do in the dashboard.
  • Linked organisation units – Facilities or districts the user works with, controlling access to data entry and reports.
  • Partner association – Optional field indicating the partner the user represents.
  • Status – Active, suspended, or disabled.
  • Audit log – History of account creation, role changes, and deactivation events.

Access control for administrators

  • Only system administrators should manage user accounts.
  • Regional coordinators may request changes but should not perform them directly.
  • All modifications should require authentication and be logged automatically.

Creating a user

Navigate to Administration and select Users. The list shows existing accounts with filters for role, partner, and facility.

Click Add User. Search for the individual in the DHIS2 registry to import their base information.

Choose the appropriate role(s) based on the user’s responsibilities. Link the user to their facility or district to control visibility.

Confirm contact details, partner associations, and notes. Save the record and inform the user about their account.

Maintaining user accounts

  • Regular audits – Review the user list monthly to remove accounts for staff who have left or changed roles.
  • Role adjustments – Update roles promptly when responsibilities expand or contract.
  • Password resets – Guide users through the DHIS2 reset process if they cannot log in. Do not store or share passwords.
  • Suspensions – Temporarily disable accounts for staff on leave while retaining their history.
  • Documentation – Record the reason for each change in the notes field for transparency.

Security best practices

  • Enforce strong passwords via DHIS2 policies and encourage multi-factor authentication where available.
  • Limit administrator accounts to a small, trusted group.
  • Educate users about phishing risks and how to verify official communications.
  • Monitor login activity for unusual patterns, such as repeated failed attempts or access outside expected hours.

Integrations with other modules

  • Data Entry and Quality Score Entry – User access controls which facilities appear in the selectors, so ensure assignments match responsibilities.
  • Partner Assignments – Align partner staff accounts with their funded facilities for accurate dashboard access.
  • Bank and Tariff modules – Restrict access to financial sections to prevent unauthorized edits.

Handling common scenarios

  • Staff transfer – Update the user’s organisation unit links and roles to match their new facility. Notify relevant supervisors.
  • Temporary contractor – Create a time-bound account with a clear end date and minimal permissions.
  • Account compromise – Disable the account immediately, reset credentials through DHIS2, and review recent activity for suspicious changes.
  • Mass onboarding – Use bulk import tools if available, then audit each account to confirm correct roles and facilities.

Frequently asked questions

Do users need separate credentials for the dashboard? No. Users sign in with their DHIS2 username and password, so keep DHIS2 accounts up to date.

Can one user have multiple roles? Yes, but assign only the roles necessary for their tasks. Too many roles can grant unintended access.

How do we handle volunteers or temporary staff? Create accounts with limited permissions and set reminders to deactivate them when the assignment ends.

What if a user cannot see their facility? Check that the user is linked to the organisation unit in both DHIS2 and the dashboard. Also verify partner assignments if the workspace filters by partner.

How do we ensure accountability? Use the audit log to review who made changes. Encourage supervisors to confirm that staff use individual accounts rather than sharing credentials.

Troubleshooting checklist

  • User not receiving notifications: confirm email and phone details, then check notification settings.
  • Account locked after failed attempts: follow DHIS2 procedures to unlock and remind the user about password policies.
  • Role changes not taking effect: have the user log out and back in, or clear browser cache.
  • Unable to delete a user: ensure they are not the last administrator. Reassign responsibilities before deletion.

Key takeaways

  • Keep user accounts accurate and up to date to safeguard data and streamline workflows.
  • Review roles regularly and limit administrator access to trusted staff.
  • Coordinate with other modules to ensure permissions align with program responsibilities.
  • Maintain thorough documentation of changes for audits and accountability.

Effective user management ensures smooth operation of the PBF dashboard and safeguards sensitive data.

Tariff Management

Previous Page

Contact Us

Next Page

On this page

Why user management matters
Components of a user record
Access control for administrators
Creating a user
Maintaining user accounts
Security best practices
Integrations with other modules
Handling common scenarios
Frequently asked questions
Troubleshooting checklist
Key takeaways