Skip to main content

User Management: Roles, Permissions & Access Levels

The User Management module allows administrators to define the hierarchy and operational boundaries for every staff member. By carefully configuring roles and access levels, you ensure that employees only have visibility into the data necessary for their specific job functions, maintaining both operational efficiency and HIPAA/GDPR compliance.

1. Roles

Roles serve as the template for staff responsibilities. Instead of configuring permissions for each individual employee, you assign them to a predefined role.

  • Standard Roles: The system comes pre-loaded with roles such as Administrator, Doctor, Nurse, Receptionist, and Billing Specialist.
  • Custom Roles: Create specialized roles (e.g., Clinical Intern or Lab Technician) to reflect the unique structure of your practice.
  • Role Assignment: Easily move staff between roles as their responsibilities evolve within the clinic.

2. Permissions

Permissions dictate the granular "actions" a user can perform within the system.

  • Action-Based Permissions: Enable or disable specific abilities, such as Create Appointment, Edit Medical Note, Export Financial Data, or Delete Patient Record.
  • Module-Specific Permissions: Control which areas of the system a role can enter (e.g., denying a Receptionist access to the Accounting Integration module).
  • Inheritance: When you assign a user a role, they automatically inherit the permission set associated with that role, ensuring consistency across your team.

3. Access Levels

Access Levels provide a secondary layer of data security, controlling the scope of what a user can see.

  • Departmental Access: Restrict users to only see records belonging to their specific department (e.g., Dermatology staff cannot view Ophthalmology records).
  • Provider-Specific Access: Limit doctors to only view patients currently assigned to them or their shift.
  • Global vs. Restricted Access: Define whether a user has "View All" capabilities for the entire clinic or is restricted by site, facility, or patient list.

4. How to Configure

  1. Navigate to Settings > User Management.
  2. Define Roles: Select "Manage Roles" to create or edit your role list.
  3. Set Permissions: Within each role, check the boxes for the specific actions or modules that role requires.
  4. Assign Access Levels: Use the "Access Scope" settings to define the depth of data visibility for each role.
  5. Manage Users: Navigate to the "Staff" tab to assign these roles and access levels to individual employees.

5. Frequently Asked Questions

  • Can I override a role's permissions for one person? Yes, you can add "Exception Permissions" to an individual’s profile without needing to create a new role.
  • How do I audit who changed a setting? All modifications to roles and permissions are logged in the System Audit Trail, which tracks who made the change and at what time.