Granular role-based permissions for Admins, Doctors, Receptionists with page-level and location-level data isolation.
Full access to all clinic operations — appointments, settings, reports, and user management. Sees data across all locations.
Dedicated medical cockpit showing only their own patients, appointments, and prescriptions. Automatic scope filtering.
Front desk operations: appointment booking, check-ins, token generation, and patient registration. No clinical data access.
Create any role (Nurse, Lab Tech, Billing Staff) with individually toggled page-level permissions for complete flexibility.
| Permission | Admin | Doctor | Receptionist |
|---|---|---|---|
| appointments.view | ✅ | ✅ (own) | ✅ |
| appointments.create | ✅ | ✅ | ✅ |
| prescriptions.create | ✅ | ✅ | ❌ |
| invoices.view | ✅ | ❌ | ✅ |
| reports.finance | ✅ | ❌ | ❌ |
| settings.manage | ✅ | ❌ | ❌ |
Restrict staff to specific branches at the user level. A receptionist at Branch A only sees Branch A data, even if other receptionists have global access.
Limit visibility to specific doctors per staff member. Perfect for assistants or nurses who only manage specific clinicians within a branch.
Sensitive prescription fields (symptoms, observations, diagnosis) are encrypted at rest for maximum security and HIPAA compliance.
Move beyond rigid roles. Scoping is applied as a global model scope to individual accounts, ensuring automatic, fail-safe data isolation.