Download original attachment
(PDF file)
This is an HTML version of an attachment to the Official Information request 'Actions taken by ACC since 2022 Privacy Report'.


GOV-028268
Request Access to Eos and MFP v3.0
Outputs
4.0
Request user access via ICT Self Service
3.0
Seek internal support guidance (if applicable)
2.0
Review the Role Mapping dictionary (RMD)
f
1.0
Determine new user access
1.1
Determine change of role for Existing staf
1.2
Determine additional or removal of user access
riggers & Inputs
T
Client Service Leader
Team Leader
ACC > Human Resource Management > Manage Onboarding > Request Access to Eos and MFP
Uncontrolled Copy Only : Version 3.0 : Last Edited Thursday, 26 January 2023 1:15 PM : Printed Friday, 20 October 2023 11:27 AM
Page 1 of 4

GOV-028268
Request Access to Eos and MFP v3.0
Summary
Objective
To on-board and request Eos and MFP system access for an employee through the ICT self service, including updating the employee 
role and system access.
Background
Within two days of the candidate completing onboarding, hiring Leaders receive an email to approve the creation of a New User ac-
count for system access.
Once the user is created, Leaders can access any additional system requirements through ICT Self Service. Leaders can use the 
Role Mapping Dictionary to identify the access required for Eos/MFP, Telephony, Salesforce, Shared inboxes and Heartbeat.
Owner
[Out of Scope]
Expert
Procedure
1.0 Determine new user access
Client Service Leader, Team Leader
Identify the type of role that the staff member requires to do their core role.
NOTE How do you identify the type of role that the staff member requires to do their core role?
Review the Te Kahu checklist to find the role type.
NOTE What if the staff member requires Remote Claims Unit (RCU) access?
Contact the RCU team leader via [email address] to discuss the need for RCU access. RCU access will be 
managed outside of this process.
Review activity 1.0 of the below process to determine what information you need to provide when requesting access 
to RCU. This process ends.
PROCESS Manage Remote Claims Unit (RCU) Access to Eos
NOTE What if the staff member requires Third Party Administration (TPA) access?
Contact the TPA team leader to discuss the need for TPA access. TPA access will be managed outside of this process.
Review activity 1.0 of the below process to determine what information you need to provide when requesting access 
to TPA. This process ends.
PROCESS Manage Third Party Administrator (TPA) Access to Eos
1.1 Determine change of role for Existing staff
Client Service Leader, Team Leader
Identify the type of role that the staff member requires to do their core role.
NOTE How do you identify the type of role that the staff member requires to do their core role?
Review the Te Kahu checklist to find the role type.
NOTE What if you want to check the users current Eos access.
Review the 'Check & Confirm Eos Access - System Steps' to determine your current user access.
If you are a leader, review the system access report below.
Check & Confirm Eos Access - System Steps
System Access Report
NOTE What if the user is an existing MFP or EOS user?
Request for the existing access to be removed to ensure that the user has got the correct access and can only access 
the information that they require to complete their role.
NOTE What if the user is an existing MFP or EOS user but no longer require access?
Request for the access to Eos and MFP be removed. Go to step 4.0 to complete the request. This process ends.
NOTE What if you want to update the Employee profile on HRIS in addition to Eos access?
Go to the '(NGCM) Request and update change in reporting line/roles' process for further instruction on how to update 
the Employee profile on HRIS.
PROCESS (NGCM) Request and update change in reporting line/roles
ACC > Human Resource Management > Manage Onboarding > Request Access to Eos and MFP
Uncontrolled Copy Only : Version 3.0 : Last Edited Thursday, 26 January 2023 1:15 PM : Printed Friday, 20 October 2023 11:27 AM
Page 2 of 4
GOV-028268
1.2 Determine additional or removal of user access
Client Service Leader, Team Leader
Check your current Eos user access by reviewing the 'Check & Confirm Eos Access - System Steps' to determine your current 
user access, if applicable.
Check & Confirm Eos Access - System Steps
NOTE What if you discover that you have more access than the RMD indicates for your role?
Go to 4.0 and submit an ICT request to have the additional access removed.
For more information go to 2.0 Review the Role Mapping Dictionary.
NOTE What if you discover that you have less access than the RMD indicates for your role?
Go to 4.0 and submit an ICT request to have the missing access added.
For more information go to 2.0 Review the Role Mapping Dictionary.
2.0 Review the Role Mapping dictionary (RMD)
Client Service Leader, Team Leader
Review the Role Mapping Dictionary to identify the access required for Eos/MFP.
Role Mapping Dictionary
NOTE What if the role you are searching for is not on the RMD?
Go to 3.0 'Seek internal support guidance'.
NOTE What if the access you require is not part of the standard role access in the RMD?
Go to 3.0 'Seek internal support guidance'.
NOTE What if you require additional system requirements compared to the Role Mapping Dictionary?
Refer to the Delegations framework to check if the additional access is appropriate for the user access request and 
role.
If the additional access is appropriate Go to 3.0 Seek internal support guidance to request the access.
Delegations framework - sharepoint
Check & Confirm Eos Access - System Steps
NOTE What if you are unsure if the additional access request is appropriate?
Go 3.0 'Seek internal system support' for advice on the correct and appropriate additional access.
3.0 Seek internal support guidance (if applicable)
Client Service Leader, Team Leader
Review the self-service guide to determine if the query can be resolved without an ISST request.
Self-service guide - requesting Eos and MFP access
NOTE What if you were unable to resolve your query by reviewing the Self-service guide?
Continue with 3.0 b and seek internal systems support guidance.
Complete the Internal System Support Team (ISST) Microsoft form and ensure you complete all the fields.
Request Internal Systems Support form
Submit the form to the ISST for review.
4.0 Request user access via ICT Self Service
Client Service Leader, Team Leader
Log into ICT Self Service, locate the application/system that the new staff member needs access to.
ICT Self Service
Complete all the relevant sections by copying and pasting the correct information from the Role Mapping dictionary.
NOTE Please disregard the instructions on the ICT Self Service EOS and MFP request form and follow the relevant 
system steps below instead.
Request Eos & MFP Access for a New User – System Steps
Request Updated Eos & MFP Access for an Existing User - System Steps
NOTE What if you require access to NGCM Salesforce, Shared mailboxes, Skype/telephony set up with regional hunt 
group information?
Go to the ICT User Setup Guide for further guidance on how to request access to NGCM Salesforce, Shared mail-
boxes, Skype/telephony set up with regional hunt group information etc.
ACC > Human Resource Management > Manage Onboarding > Request Access to Eos and MFP
Uncontrolled Copy Only : Version 3.0 : Last Edited Thursday, 26 January 2023 1:15 PM : Printed Friday, 20 October 2023 11:27 AM
Page 3 of 4
GOV-028268
NOTE What if my previous request for Eos and MFP access have been declined?
Your request may have been declined because:
· The access request does not match the access in the RMD
· The request may have been unclear
· You may not be entitled to the access you have requested.
ICT User Setup Guide
Submit the ICT request for management approval and processing.
ACC > Human Resource Management > Manage Onboarding > Request Access to Eos and MFP
Uncontrolled Copy Only : Version 3.0 : Last Edited Thursday, 26 January 2023 1:15 PM : Printed Friday, 20 October 2023 11:27 AM
Page 4 of 4
GOV-028268
 
 
 
 
ACCESS MONITORING CRITERIA 
 
Appropriate Access Assessment  
We are committed to respecting the personal information and privacy of ACC’s clients, employees, 
and stakeholders. To achieve this, we must manage the information entrusted to us by adhering to 
the legislative and policy framework outlined below: 
POLICY/GUIDELINE 
DESCRIPTION 
Personal Information and 
This policy sets out how ACC collects, stores, uses, discloses, retains, 
Privacy Policy 
and protects personal information in line with the Privacy Act 2020 
 
and the Health Information Privacy Code 2020. 
Personal Information and 
These guidelines supplement ACC’s Care of Personal Information 
Privacy Guidelines 
Policy. 
 
 
Integrity Policy 
This policy sets out the standards of integrity and conduct that ACC’s 
 
people must comply with, together with how ACC will manage and 
investigate potential integrity breaches. 
Integrity Guidelines 
These guidelines supplement ACC’s Integrity Policy. 
 
Code of Conduct 
This policy governs the behaviours of all employees of ACC, to enable 
 
us to meet the expectations placed upon us as a Crown Entity. These 
standards incorporate the standards that apply to all State Servants, 
detailed in the State Services Standard of Integrity and Conduct. 
 
Aligned to this framework, the criteria below have been developed to use as part of the Access 
Monitoring Check.  
Access Assurance Rating: 
After discussing the access of each claim with the team member, an Access Assurance Rating must 
be applied to each instance of access. The options are: 
•  Assurance: This rating should be applied when you are confident that there is a valid 
business reason for the access and evidence has been identified that supports that the 
access is in-line with our policies and guidelines.  
 
•  Low Assurance: This rating should be applied when you have been unable to confirm a 
valid business reason for the access and/or cannot identify any evidence that would 
support that the claim access was in-line with our policies and guidelines.  
 
BUSINESS REASON 
EVIDENCE OF ACCESS 
ASSURANCE RATING 
COMMENTARY 
FOR ACCESS 
YES 
YES 
ASSURANCE 
NO 
YES / NO 
NO 
LOW ASSURANCE 
YES 
 
 

 
GOV-028268
 
 
 
 
 
A rating of Low Assurance would indicate that second tier validation may be required, including 
supplying supporting commentary into the Client Information Access Validation Tool.  
Ultimately, Team Leaders will need to apply some judgement when determining the Access 
Assurance Rating and whether second tier validation is required. It’s about the reasonableness of 
the access and subsequent inquiries to decide as to the appropriateness of that access. It may not be 
definitive, but we need to demonstrate that reasonable steps have been taken (and documented) to 
verify the access. 
The ‘business reasons’ listed in the criteria below have been identified by frontline staff as valid 
reasons for accessing a claim. These criteria will be updated over time as more information about 
valid reasons for access are identified. 
 
Access Evaluation Criteria 
Reasons for access that can be evidenced on the claim 
BUSINESS REASON 
DESCRIPTION 
EXAMPLE 
EVIDENCE 
Claim 
Registration of a claim 
•  Claim registration 
•  Logs in Eos 
 
establishment 
or client record 
•  Upload or update 
 
  
client/claim information as 
  
part of lodgement 
 
Request for 
The team member 
•  Phone call requesting 
•  Contacts in Eos 
information from  receives a request for 
information 
•  Email filed away 
party to claim 
information for (or 
•  Feedback received from 
•  Task details logged 
 
from?) a claim party 
client 
•  Logs in Salesforce 
 
(eg client, ATA, or 
•  Complaint received from 
•  Document added to 
 
provider) 
client 
claim 
  
 
•  Emailed document 
 
 
•  Client Administration task 
 
  
•  MyACC setups 
 
•  Responding to live chats 
  
•  Email responses 
 
Planned task or 
Action was required to  •  EOS task or Salesforce 
•  Logs in Eos or 
intervention 
complete a planned 
intervention 
Salesforce 
  
task 
  
  
Allocate work 
 
Team member 
•  Workforce management 
•  Contacts in Eos 
receives a request 
allocate claim to 
•  Case Owner field 
internally to perform 
department or team 
•  Task details 
 
an action on a claim 
member 
 
•  Workforce 
 
management/Team Leader 
 
allocate task 
 
 
  

 
GOV-028268
 
 
 
 
Internal work 
 
•  Entitlement task to 
•  Contacts in Eos 
request 
Recovery Admin 
•  Logs in Salesforce 
 
•  Recovery Support – Hotline  •  Task details 
 
or written guidance 
 
 
•  Request from Payment 
 
 
team to extend a PO  
  
 
•  Managing CC task queues 
  
•  Managing a colleagues 
inbox 
 
  
 
Reasons for access that may not be evidenced on the claim 
BUSINESS REASON 
DESCRIPTION 
EXAMPLE 
POSSIBLE EVIDENCE 
(IF ANY) 
Advice or 
Team member 
•  Seeking advice 
•  Induction material 
Guidance 
accessed the claim 
from a colleague 
•  Support plan 
 
to provide support, 
•  Providing 
•  Floorwalker tracker 
 
or guidance for 
training 
•  Buddy feedback 
 
learning purposes 
•  Buddying 
 
 
 
•  Floorwalking 
 
 
•  Supporting with 
 
 
threatening calls 
 
 
•  Reception cover 
 
 
queries where 
 
 
access is 
 
 
restricted re 
 
 
sensitive claims  
 
Review previous 
Reviewed previous 
•  Mental Injury 
•  Written guidance 
claim(s) 
claim to assess 
claims 
•  Recovery plan 
 
cover, duplication or 
•  Surgery requests 
•  Duplicate tab 
  
entitlement for a 
•  Previous Rehab  
 
new claim 
•  Consequential 
 
 
injuries 
 
Service or quality 
Action was required 
•  Side-by-sides  
•  Side-by-side 
review 
to provide quality or 
•  CXQ 
feedback forms 
 
service assurance 
•  Quality assurance   
 
 
reviews 
 
 
•  Access 
Monitoring 
 

 
GOV-028268
 
 
 
 
 
Other requests 
 A request required 
•  Responding to a 
 
action that falls 
Ministerial 
 
outside of the norm 
•  System 
  
 
maintenance 
  
•  Provide 
anonymised 
information for 
analysis/ training 
  
Locate correct 
Claim accessed to 
•  Uploading a 
•  Logs in Eos 
claim 
identify the correct 
document 
•  Duplicate tab 
 
claim to action a 
(without claim 
 
 
request or 
number) to the 
 
 
information 
correct claim 
 
 
 
•  Accessing 
 
 
 
multiple claims 
 
 
 
to find P/O 
 
 
 
•  Client unable to 
 
 
 
recall claim 
 
 
 
number 
 
 
•  Entering an 
incorrect claim # 
in the search 
 
Request or 
Team member 
•  Provider may call 
•  Evidence could sit in 
information from 
received a 
or email querying 
MFP or in the 
party to claim 
request/information 
an invoice that 
Genesys Engage 
 
from a party to the 
has not released 
system 
 
claim (eg provider) 
or a purchase 
 
 
order