DHIS2 Orientation
Understanding Users, Roles
& Access
A simple guide for programme partners new to DHIS2
What is DHIS2?
🗄️
A Database
Stores all programme data — ANC visits, health facility scores, training records and more.
📊
A Dashboard
Turns raw numbers into visual charts and indicators so you can track progress instantly.
🔐
A Controlled System
Not everyone sees everything. Access is carefully managed based on each person's job.
Think of it like a hospital: A doctor sees patient records, a receptionist manages appointments, and an administrator manages staff — same building, different access.
3
Building Blocks of Access
Every person's access in DHIS2 is defined by four things working together
The 4 Layers of Access Control
👤
User Account
A unique login (username + password) for each person. This is who you are in the system.
🎭
User Role
Defines what actions a user can perform — enter data, view reports, manage other users, etc.
👥
User Group
Defines what data a user can see — which dashboards, datasets, and programmes are visible.
🏥
Organisation Unit
Defines where a user works — which health facilities or districts they can enter data for.
01
User Roles
What can each person do in the system?
Roles in Our DHIS2
| Role Name |
Who Is This For? |
What They Can Do |
| Data Entry |
Health facility staff, data clerks |
Enter & edit data in forms and Capture app. View dashboards. |
| Data Viewer |
Programme officers, supervisors |
View dashboards and reports only. Cannot enter or change data. |
| User Access Management |
Programme coordinators, admins |
Create & manage user accounts. Assign roles and groups to users. |
| Superuser |
System administrator only |
Full system access. Configure programmes, indicators, forms. |
Key rule: A user can only be given a role that is equal to or less than the access of the person creating their account. You cannot grant more than what you have.
02
User Groups
What can each person see in the system?
User Groups in Our System
📋 Dataset Entry Group
- Monthly aggregate data entry form (HF Level)
- ANC, PNC, PPFP, and FP service counts by age band
- For: Health facility data clerks & nurses
👁️ Data Viewer Group
- View-only access to all programme dashboards
- Cannot enter, edit, or delete any data
- For: Programme officers, supervisors, partners
📡 Programme-specific Capture Groups
— each group gives access to exactly one Capture programme
PPAs service experience tools
HFs Readiness tools
MSS Of Health Facilities
User Satisfaction Tools
Support Log
Training Database
FP Simulation HFs
Home Visit Tracking Sheet
Mentorship Database
💡 Key point: Add a user only to the programme group(s) they actually need. A community worker collecting PPAs data only needs PPAs service experience tools — not all 9 programmes.
03
Organisation Units
Where does each person work?
Organisation Unit Hierarchy
🇳🇵 Nepal — National level
Karnali Province
— ProvinceJajarkot / Jumla / Kalikot
— DistrictPatarasi Rural Municipality
— MunicipalityWard 01, 02, 03 …
— Health facility / Ward
Why does this matter?
A health facility worker assigned to Ward 01 can only enter data for that ward.
A district supervisor assigned to Jajarkot can view data for all wards inside Jajarkot.
A national admin assigned to Nepal can see everything.
04
Putting It Together
How the three layers combine to define what a user experiences
How Access Is Determined
👤
User Account
Identifies WHO you are
→
🎭
User Role
Decides WHAT you can do
→
👥
User Group
Decides WHAT you can see
→
🏥
Org Unit
Decides WHERE you work
Example: A health facility in-charge gets → Data Entry role + Dataset Entry Group + HFs Readiness tools group + Ward 01 org unit
Result: She can fill the monthly ANC form and register HF Readiness assessments — only for her assigned ward.
Real Example — Creating a New User
1️⃣
Create the account
Go to User Management → Add User. Enter their name, username, and a temporary password.
2️⃣
Assign a Role
Select Data Entry (for facility staff) or Data Viewer (for supervisors who only need to see reports).
3️⃣
Add to the right Group(s)
Add them to Dataset Entry Group (for monthly forms) and/or the specific programme group(s) they need in the Capture app — e.g. PPAs service experience tools.
4️⃣
Set their Organisation Unit
Assign the specific ward or health facility they are responsible for. They can only enter data for their assigned location.
05
Step-by-Step Walkthrough
How to add a user, assign a role, and add them to a group — in DHIS2
Step 1 — Open User Management
savedhis2.helloworldnepal.com
All Apps
📊
Dashboard
📋
Data Entry
📡
Capture
1️⃣
Click the grid icon (⊞) at the top right
This opens the DHIS2 app menu.
2️⃣
Find and click "Users"
It may also appear as "User Management" in older versions.
3️⃣
You'll see the User list
All existing users are shown here. Click + Add User to create a new one.
Who can do this? Only users with the User Access Management role or Superuser can access this app.
Step 2 — Fill in User Details
Add New User
Min. 8 characters. Must include letters and numbers.
✏️
Use a consistent username format
Recommended: firstname.lastname (e.g. sita.shrestha). Avoid spaces or special characters.
🔑
Set a temporary password
Share it with the user securely. They should change it on first login.
📧
Email is optional but recommended
Useful for password reset notifications.
⚠️ Important: Usernames cannot be changed once created. Choose carefully.
Step 3 — Assign a User Role
Roles and Groups
Available User Roles
Data Entry →
Data Viewer →
User Access Management Role →
Assigned Role
✓ Data Entry
Choose the right role for the job:
Data Entry
For staff who enter data into forms (nurses, data clerks, community workers).
Data Viewer
For staff who only need to view dashboards (supervisors, programme officers).
User Access Mgmt
For coordinators who manage other users' accounts.
⚠️ Rule: You can only assign roles you yourself have. You cannot give more access than you have.
Step 4 — Add to User Group(s)
Available User Groups
Dataset Entry Group →
HFs Readiness tools →
MSS Of Health Facilities →
PPAs service experience tools →
Training Database →
+ 5 more programme groups…
Assigned Groups
✓ Dataset Entry Group
✓ HFs Readiness tools
✓ MSS Of Health Facilities
Which groups should they join?
📋
Data clerk / nurse entering monthly form
→ Add to Dataset Entry Group
📡
Staff using the Capture app
→ Add to the specific programme group(s) they need — e.g. HFs Readiness tools or PPAs service experience tools
👁️
Supervisor who only views reports
→ Add to Data Viewer Group
⚠️ Least privilege: Only add the groups they actually need. Do not add all programme groups to every user.
Step 5 — Set Organisation Unit
Select Organisation Unit for data capture
▶ 🇳🇵 Nepal
▶ Karnali Province
▼ Jajarkot District
▶ Patarasi Rural Municipality
Key rules for Organisation Units:
📍
Assign the lowest level they work at
A ward-level nurse should be assigned their specific ward — not the whole district.
🔒
Users can only submit data for their assigned OU
They cannot enter data for other wards or districts.
📂
Higher-level users see all data below them
A district supervisor assigned to Jajarkot can view all ward data within that district.
💾 Don't forget to click Save! After filling all details, scroll down and click the Save button to create the account.
❓ Common Questions
🤔
"I can log in but I don't see any data forms"
You are not in the right User Group yet. Ask your administrator to add you to Dataset Entry Group or Capture Entry Community Group.
🤔
"I can see the form but my health facility is not in the list"
Your Organisation Unit assignment is missing or wrong. The admin needs to assign you to the correct ward or facility.
🤔
"I need to create accounts for my team — what do I need?"
You need the User Access Management Role. With this, you can create and manage accounts for users in your area.
Quick Reference — Who Gets What?
| Person |
Role |
Group(s) |
Org Unit |
| Health Facility Nurse / Data Clerk |
Data Entry |
Dataset Entry Group |
Their ward / facility |
| Staff using Capture app |
Data Entry |
Programme-specific group(s) they need
e.g. PPAs service experience tools, HFs Readiness tools |
Their facility / community OU |
| Programme Supervisor / Officer |
Data Viewer |
Data Viewer Group |
District or Province |
| Programme Coordinator (manages users) |
User Access Mgmt |
Data Viewer Group |
Nepal (national) |
Remember: Role = what you can do. Group = what you can see and access. Assign only the specific programme groups a user actually needs.
Key Takeaways
👤
Every person needs an account
Each user has a unique login. Accounts are never shared between people.
🎭
Role = what you can DO
Data Entry, Data Viewer, User Management — each role unlocks different capabilities.
👥
Group = what you can SEE
Being in the right group makes dashboards and data entry forms visible to you.
🏥
Org Unit = WHERE you work
You can only enter data for the health facilities or locations assigned to your account.
Thank You 🙏
Questions about access? Contact your DHIS2 programme administrator.
🌐 savedhis2.helloworldnepal.com
📧 Save the Children — ANC Programme
Use ← → arrow keys or buttons below to navigate
