Understanding roles & permissions
Learn how HiBoop roles control what each staff member can view, edit, and manage across your clinic.
1 min read · Updated June 26, 2025
HiBoop uses a role-based access control system to ensure each team member only sees and manages what they need to. Roles are assigned when inviting staff and can be updated at any time by a clinic admin.
Default roles
| Role | Description |
|---|---|
| Account Admin | Full access to all features including settings, billing, staff, and all patient data |
| Clinical Admin | Manages patients, assessments, and reports, no billing or admin settings |
| Care Provider | Access to their own assigned patients and results |
| Front Desk | Handles patient intake and scheduling; limited clinical data access |
| Support Staff | Read-only access to patient results |
Viewing and editing roles
- Go to Settings > Roles
- Click on any role to see its full permission set
- Use the Assigned Team Members section to add or remove users from a role
- Adjust individual permissions grouped by category (Patient Access, Assessment Controls, Admin & Reporting)
- Save changes
Creating custom roles
If your clinic's workflow requires a permission set not covered by the defaults, click + Add Role to create a custom role with a tailored permission set.
Best practices
- Assign the least-privileged role that allows each staff member to do their job
- Review role assignments when staff responsibilities change
- Remove access promptly when a staff member leaves the clinic
Role-based access & HIPAA compliance
Role-based access controls are a core component of HiBoop's HIPAA and PIPEDA compliance posture. Limiting data access to only what each staff member needs, the "minimum necessary" standard, is a fundamental requirement under both frameworks.
Was this article helpful?