{"id":20,"date":"2025-12-18T09:06:45","date_gmt":"2025-12-18T09:06:45","guid":{"rendered":"http:\/\/192.168.1.159\/wp_plugins\/dev\/kivicare-revamp\/2025\/12\/18\/user-roles-access-control\/"},"modified":"2026-02-05T05:28:16","modified_gmt":"2026-02-05T05:28:16","slug":"user-roles-access-control","status":"publish","type":"post","link":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/kivicare-lite\/documentation\/core-concepts\/user-roles-access-control\/","title":{"rendered":"User Roles & Access Control"},"content":{"rendered":"
\n

KiviCare uses a role-based access control (RBAC)<\/strong> system to ensure that every user can access only the features relevant to their responsibilities<\/strong>. This helps clinics maintain data security, privacy, and operational efficiency<\/strong>.<\/p>\n\n\n\n

All roles in KiviCare are plugin-specific and fixed<\/strong>, while their permissions are fully configurable<\/strong> by administrators.<\/p>\n\n\n\n

<\/div>\n\n\n\n
\n\n\n\n

Overview of Role-Based Access Control<\/strong><\/h2>\n\n\n\n

Each user in KiviCare is assigned a specific role. Each role has a predefined set of capabilities<\/strong> that control:<\/p>\n\n\n\n

    \n
  • What menus are visible<\/li>\n\n\n\n
  • Which actions can be performed (view, add, edit, delete, export)<\/li>\n\n\n\n
  • Which medical and administrative data can be accessed<\/li>\n<\/ul>\n\n\n\n
    \n

    \ud83d\udca1 TIP:<\/strong> Permissions can be enabled or disabled per role<\/strong> from the KiviCare dashboard, allowing you to customize the system to match your clinic’s workflow.<\/p>\n<\/blockquote>\n\n\n\n

    \n\n\n\n

    \ud83d\udc65 Available User Roles in KiviCare<\/strong><\/h2>\n\n\n\n

    KiviCare provides the following fixed plugin-specific roles<\/strong>:<\/p>\n\n\n\n

      \n
    1. Administrator<\/li>\n\n\n\n
    2. Clinic Admin<\/li>\n\n\n\n
    3. Doctor<\/li>\n\n\n\n
    4. Receptionist<\/li>\n\n\n\n
    5. Patient<\/li>\n<\/ol>\n\n\n\n
      \n

      \u26a0\ufe0f WARNING:<\/strong> Roles cannot be deleted or renamed, but their permissions are fully customizable.<\/p>\n<\/blockquote>\n\n\n\n

      \n\n\n\n

      \ud83e\uddd1\u200d\u2695\ufe0f Role Descriptions & Access Scope<\/strong><\/h2>\n\n\n\n

      Administrator<\/h3>\n\n\n\n

      The highest-level role<\/strong> with full control over the system.<\/p>\n\n\n\n

      Key Responsibilities<\/strong><\/h4>\n\n\n\n
        \n
      • Global system configuration<\/li>\n\n\n\n
      • Clinic and staff management<\/li>\n\n\n\n
      • Medical and billing oversight<\/li>\n\n\n\n
      • Permission management<\/li>\n<\/ul>\n\n\n\n

        Access Highlights<\/strong><\/h4>\n\n\n\n
          \n
        • Manage clinics, doctors, receptionists, and patients<\/li>\n\n\n\n
        • Full access to appointments, encounters, prescriptions, and medical records<\/li>\n\n\n\n
        • Configure services, taxes, schedules, email notifications, and settings<\/li>\n\n\n\n
        • SMS\/WhatsApp notifications (Pro)<\/li>\n\n\n\n
        • Enable\/disable permissions for all roles<\/li>\n\n\n\n
        • Access to the WordPress admin panel<\/li>\n\n\n\n
        • System-wide reporting and analytics<\/li>\n\n\n\n
        • Manage integrations and extensions<\/li>\n<\/ul>\n\n\n\n
          Feature<\/span><\/th>Access Level<\/span><\/th><\/tr><\/thead>
          Dashboard Access<\/td>Full system dashboard<\/td><\/tr>
          Clinic Management<\/td>Create, edit, delete all clinics<\/td><\/tr>
          User Management<\/td>Manage all user types<\/td><\/tr>
          Appointments<\/td>View, create, edit, delete all appointments<\/td><\/tr>
          Patient Records<\/td>Full access to all patient data<\/td><\/tr>
          Medical Records \ud83d\udd37 PRO<\/td>View all encounters and medical history<\/td><\/tr>
          Billing & Invoices \ud83d\udd37 PRO<\/td>Complete billing management<\/td><\/tr>
          Reports \ud83d\udd37 PRO<\/td>Generate all reports<\/td><\/tr>
          Settings<\/td>Configure all system settings<\/td><\/tr>
          Permissions<\/td>Modify role capabilities<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

          When to Use Administrator Role<\/strong><\/h4>\n\n\n\n
            \n
          • System owners<\/strong> and IT administrators<\/li>\n\n\n\n
          • Technical support<\/strong> personnel<\/li>\n\n\n\n
          • Primary clinic owners<\/strong> managing multiple locations<\/li>\n<\/ul>\n\n\n\n
            \n

            CAUTION:<\/strong> Limit Administrator access to trusted users only<\/strong> as they have complete system control.<\/p>\n<\/blockquote>\n\n\n\n

            \"\"<\/figure>\n\n\n\n
            \"\"<\/figure>\n\n\n\n
            \n\n\n\n

            Clinic Admin<\/strong><\/h3>\n\n\n\n

            Manages day-to-day operations of a specific clinic<\/strong> without needing WordPress admin access.<\/p>\n\n\n\n

            Key Responsibilities<\/strong><\/h4>\n\n\n\n
              \n
            • Clinic-level staff and patient management<\/li>\n\n\n\n
            • Appointment and service configuration<\/li>\n\n\n\n
            • Billing and reporting for their clinic<\/li>\n\n\n\n
            • Operational oversight<\/li>\n<\/ul>\n\n\n\n

              Access Highlights<\/strong><\/h4>\n\n\n\n
                \n
              • Manage doctors, receptionists, and patients within their clinic<\/li>\n\n\n\n
              • Manage clinic profile, services, taxes, and schedules<\/li>\n\n\n\n
              • Access encounters, prescriptions, medical records, and billing<\/li>\n\n\n\n
              • Configure custom fields and forms for their clinic<\/li>\n\n\n\n
              • Generate clinic-specific reports<\/li>\n\n\n\n
              • Limited to assigned clinic data only<\/li>\n\n\n\n
              • Cannot access the WordPress admin panel<\/li>\n\n\n\n
              • Cannot modify system-wide settings<\/li>\n<\/ul>\n\n\n\n
                Feature<\/span><\/th>Access Level<\/span><\/th><\/tr><\/thead>
                Dashboard Access<\/td>Clinic-specific dashboard<\/td><\/tr>
                Clinic Management<\/td>Edit own clinic details<\/td><\/tr>
                User Management<\/td>Add\/manage doctors, receptionists, patients<\/td><\/tr>
                Appointments<\/td>Full access within their clinic<\/td><\/tr>
                Patient Records<\/td>View all patients in their clinic<\/td><\/tr>
                Medical Records \ud83d\udd37 PRO<\/td>Access all encounters in their clinic<\/td><\/tr>
                Billing & Invoices \ud83d\udd37 PRO<\/td>Manage billing for their clinic<\/td><\/tr>
                Reports \ud83d\udd37 PRO<\/td>Generate clinic-specific reports<\/td><\/tr>
                Settings<\/td>Configure clinic-level settings<\/td><\/tr>
                Services<\/td>Manage services offered by their clinic<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                When to Use the Clinic Admin Role<\/strong><\/h4>\n\n\n\n
                  \n
                • Clinic managers<\/strong> handling daily operations<\/li>\n\n\n\n
                • Branch managers<\/strong> in multi-location setups<\/li>\n\n\n\n
                • Practice managers<\/strong> who need operational control without technical access<\/li>\n<\/ul>\n\n\n\n
                  \n

                  IMPORTANT:<\/strong> Clinic Admins provide the perfect balance between operational authority and system security.<\/p>\n<\/blockquote>\n\n\n\n

                  \"\"<\/figure>\n\n\n\n
                  \n\n\n\n

                  Doctor<\/strong><\/h3>\n\n\n\n

                  Focused on clinical workflows and patient care<\/strong> without administrative overhead.<\/p>\n\n\n\n

                  Key Responsibilities<\/strong><\/h4>\n\n\n\n
                    \n
                  • Conduct patient consultations<\/li>\n\n\n\n
                  • Maintain medical records<\/li>\n\n\n\n
                  • Create prescriptions and encounter notes<\/li>\n\n\n\n
                  • Manage personal schedule and availability<\/li>\n<\/ul>\n\n\n\n

                    Access Highlights<\/strong><\/h4>\n\n\n\n
                      \n
                    • View and manage assigned appointments<\/li>\n\n\n\n
                    • Create and manage encounters (SOAP notes)<\/li>\n\n\n\n
                    • Add and update medical records<\/li>\n\n\n\n
                    • Create and manage prescriptions<\/li>\n\n\n\n
                    • View patient history and reports<\/li>\n\n\n\n
                    • Manage personal availability and clinic schedules<\/li>\n\n\n\n
                    • Access patients assigned to them<\/li>\n\n\n\n
                    • No access to clinic-wide administrative settings<\/li>\n\n\n\n
                    • Cannot manage other doctors or staff<\/li>\n\n\n\n
                    • Limited billing access (view only)<\/li>\n<\/ul>\n\n\n\n
                      Feature<\/span><\/th>Access Level<\/span><\/th><\/tr><\/thead>
                      Dashboard Access<\/td>Doctor-specific dashboard<\/td><\/tr>
                      Appointments<\/td>View the patients they are treating<\/td><\/tr>
                      Patient Records<\/td>View patients they are treating<\/td><\/tr>
                      Medical Records \ud83d\udd37 PRO<\/td>Create and view Patient Medical Records<\/td><\/tr>
                      Prescriptions<\/td>Create and manage prescriptions<\/td><\/tr>
                      Reports \ud83d\udd37 PRO<\/td>View patient reports and own statistics<\/td><\/tr>
                      Schedule<\/td>Manage personal availability<\/td><\/tr>
                      Services<\/td>Create and manage services<\/td><\/tr>
                      Billing \ud83d\udd37 PRO<\/td>View billing information<\/td><\/tr>
                      Encounter (Medical History)<\/td>Access patient medical history<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                      Doctor Workflow Example<\/strong><\/h4>\n\n\n\n
                        \n
                      1. Morning:<\/strong> Review today’s appointment schedule<\/li>\n\n\n\n
                      2. Patient Arrival:<\/strong> Access patient medical history<\/li>\n\n\n\n
                      3. Consultation:<\/strong> Record encounter notes (SOAP format)<\/li>\n\n\n\n
                      4. Treatment:<\/strong> Create prescriptions and treatment plans<\/li>\n<\/ol>\n\n\n\n

                        When to Use the Doctor Role<\/strong><\/h4>\n\n\n\n
                          \n
                        • Practicing physicians<\/strong> providing direct patient care<\/li>\n\n\n\n
                        • Specialists<\/strong> conducting consultations<\/li>\n<\/ul>\n\n\n\n
                          \n

                          \ud83d\udcdd NOTE:<\/strong> Doctors focus purely on clinical tasks without administrative distractions.<\/p>\n<\/blockquote>\n\n\n\n

                          \"\"<\/figure>\n\n\n\n
                          \n\n\n\n

                          Receptionist<\/strong><\/h3>\n\n\n\n

                          Handles front-desk and administrative operations<\/strong> to keep the clinic running smoothly.<\/p>\n\n\n\n

                          Key Responsibilities<\/h4>\n\n\n\n
                            \n
                          • Appointment coordination and scheduling<\/li>\n\n\n\n
                          • Patient onboarding and registration<\/li>\n\n\n\n
                          • Daily clinic operations support<\/li>\n\n\n\n
                          • Billing assistance<\/li>\n<\/ul>\n\n\n\n

                            Access Highlights<\/h4>\n\n\n\n
                              \n
                            • Create, edit, and manage appointments<\/li>\n\n\n\n
                            • Add and manage patients and doctors<\/li>\n\n\n\n
                            • Manage services and schedules<\/li>\n\n\n\n
                            • Handle billing and invoices<\/li>\n\n\n\n
                            • Assist with encounter and report management<\/li>\n\n\n\n
                            • No access to advanced system or clinic settings<\/li>\n\n\n\n
                            • Limited access to medical records (basic info only)<\/li>\n\n\n\n
                            • Cannot modify clinic configuration<\/li>\n<\/ul>\n\n\n\n
                              Feature<\/span><\/th>Create, edit doctor schedules, and availability<\/span><\/th><\/tr><\/thead>
                              Dashboard Access<\/td>Receptionist dashboard<\/td><\/tr>
                              Appointments<\/td>Create, edit, reschedule, cancel<\/td><\/tr>
                              Patient Records<\/td>Add and edit basic patient information<\/td><\/tr>
                              Check-In\/Check-Out<\/td>Process patient arrivals and departures<\/td><\/tr>
                              Billing \ud83d\udd37 PRO<\/td>Create invoices and process payments<\/td><\/tr>
                              Services<\/td>Create, edit available services<\/td><\/tr>
                              Sessions<\/td>Create, edit doctor schedules and availability<\/td><\/tr>
                              Reports \ud83d\udd37 PRO<\/td>View appointment reports<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                              Receptionist Daily Workflow<\/h4>\n\n\n\n
                                \n
                              1. Morning Setup:<\/strong> Review today’s appointment schedule<\/li>\n\n\n\n
                              2. Patient Check-In:<\/strong> Process arriving patients<\/li>\n\n\n\n
                              3. Phone Calls:<\/strong> Handle appointment booking requests<\/li>\n\n\n\n
                              4. Walk-Ins:<\/strong> Register and schedule walk-in patients<\/li>\n\n\n\n
                              5. Rescheduling:<\/strong> Manage appointment changes<\/li>\n\n\n\n
                              6. Patient Check-Out:<\/strong> Process departures and payments<\/li>\n\n\n\n
                              7. End of Day:<\/strong> Prepare next day’s schedule<\/li>\n<\/ol>\n\n\n\n

                                When to Use the Receptionist Role<\/h4>\n\n\n\n
                                  \n
                                • Front desk staff<\/strong> managing appointments<\/li>\n\n\n\n
                                • Administrative assistants<\/strong> handling patient coordination<\/li>\n\n\n\n
                                • Call center staff<\/strong> booking appointments<\/li>\n<\/ul>\n\n\n\n
                                  \n

                                  \ud83d\udca1 TIP:<\/strong> Receptionists are the first point of contact and keep the clinic operations flowing efficiently.<\/p>\n<\/blockquote>\n\n\n\n

                                  \"\"<\/figure>\n\n\n\n
                                  \"\"<\/figure>\n\n\n\n
                                  \n\n\n\n

                                  Patient<\/strong><\/h3>\n\n\n\n

                                  Provides self-service access<\/strong> to patients while maintaining privacy and security.<\/p>\n\n\n\n

                                  Key Responsibilities<\/h4>\n\n\n\n
                                    \n
                                  • Manage personal appointments<\/li>\n\n\n\n
                                  • View personal medical data<\/li>\n\n\n\n
                                  • Update profile information<\/li>\n\n\n\n
                                  • Track billing and payments<\/li>\n<\/ul>\n\n\n\n

                                    Access Highlights<\/h4>\n\n\n\n
                                      \n
                                    • Book, view, reschedule, and cancel appointments<\/li>\n\n\n\n
                                    • View prescriptions and medical records<\/li>\n\n\n\n
                                    • Access bills and reports<\/li>\n\n\n\n
                                    • Update personal profile and password<\/li>\n\n\n\n
                                    • Submit and manage reviews<\/li>\n\n\n\n
                                    • Download medical reports<\/li>\n\n\n\n
                                    • Patients can only access their own data<\/strong><\/li>\n\n\n\n
                                    • No access to other patients’ information<\/li>\n\n\n\n
                                    • Cannot view clinic administrative data<\/li>\n<\/ul>\n\n\n\n
                                      Feature<\/span><\/th>Access Level<\/span><\/th><\/tr><\/thead>
                                      Dashboard Access<\/td>Personal patient portal<\/td><\/tr>
                                      Appointments<\/td>Book, view, reschedule, cancel own appointments<\/td><\/tr>
                                      Encounter<\/td>View own Encounter (Medical History)<\/td><\/tr>
                                      Prescriptions<\/td>View and download prescriptions<\/td><\/tr>
                                      Billing \ud83d\udd37 PRO<\/td>View bills and payment history<\/td><\/tr>
                                      Reports \ud83d\udd37 PRO<\/td>Access own lab reports and documents<\/td><\/tr>
                                      Profile<\/td>Update personal information<\/td><\/tr>
                                      Reviews<\/td>Submit doctor\/clinic reviews<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                                      Patient Portal Features<\/h4>\n\n\n\n
                                        \n
                                      1. Self-Service Booking:<\/strong> Book appointments online 24\/7<\/li>\n\n\n\n
                                      2. Appointment Reminders:<\/strong> Receive email notifications (SMS\/WhatsApp with Pro)<\/li>\n\n\n\n
                                      3. Medical History:<\/strong> Access complete medical records<\/li>\n\n\n\n
                                      4. Prescription Access:<\/strong> View and download prescriptions<\/li>\n\n\n\n
                                      5. Billing Transparency:<\/strong> View all charges and payments<\/li>\n\n\n\n
                                      6. Profile Management:<\/strong> Update contact and demographic information<\/li>\n<\/ol>\n\n\n\n

                                        When to Use Patient Role<\/h4>\n\n\n\n
                                          \n
                                        • All registered patients<\/strong> receiving care<\/li>\n\n\n\n
                                        • Family members<\/strong> managing appointments (with consent)<\/li>\n\n\n\n
                                        • Caregivers<\/strong> accessing patient information (with authorization)<\/li>\n<\/ul>\n\n\n\n
                                          \n

                                          \u2139\ufe0f IMPORTANT:<\/strong> Patient data privacy is strictly enforced. Each patient can only see their own information.<\/p>\n<\/blockquote>\n\n\n\n

                                          \"\"<\/figure>\n\n\n\n
                                          \"\"<\/figure>\n\n\n\n
                                          \n\n\n\n

                                          Permission Management<\/strong><\/h2>\n\n\n\n

                                          KiviCare allows administrators to fine-tune permissions<\/strong> for each role, providing flexibility to match your clinic’s specific needs.<\/p>\n\n\n\n

                                          Where to Manage Permissions<\/h3>\n\n\n\n

                                          Navigate to: KiviCare Dashboard \u2192 Settings \u2192 Permission Settings<\/strong><\/p>\n\n\n\n

                                          From here, admins can:<\/p>\n\n\n\n

                                            \n
                                          • Enable or disable individual capabilities per role<\/li>\n\n\n\n
                                          • Control access to specific menus and actions<\/li>\n<\/ul>\n\n\n\n

                                            Permission Categories<\/strong><\/h3>\n\n\n\n

                                            Permissions are organized into logical categories:<\/p>\n\n\n\n

                                            1. Dashboard & Navigation<\/h4>\n\n\n\n
                                              \n
                                            • Which dashboard widgets are visible<\/li>\n\n\n\n
                                            • Menu items and navigation access<\/li>\n<\/ul>\n\n\n\n

                                              2. Data Management<\/h4>\n\n\n\n
                                                \n
                                              • Create, read, update, delete (CRUD) permissions<\/li>\n\n\n\n
                                              • Export and import capabilities<\/li>\n\n\n\n
                                              • Bulk action permissions<\/li>\n<\/ul>\n\n\n\n

                                                3. Clinical Features<\/h4>\n\n\n\n
                                                  \n
                                                • Appointment management<\/li>\n\n\n\n
                                                • Patient management<\/li>\n\n\n\n
                                                • Receptionist management<\/li>\n\n\n\n
                                                • Doctor management<\/li>\n\n\n\n
                                                • Encounter management<\/li>\n\n\n\n
                                                • Prescription creation<\/li>\n\n\n\n
                                                • Medical record access<\/li>\n\n\n\n
                                                • Billing and invoicing<\/li>\n<\/ul>\n\n\n\n

                                                  4. Administrative Functions<\/h4>\n\n\n\n
                                                    \n
                                                  • User management<\/li>\n\n\n\n
                                                  • Clinic configuration<\/li>\n\n\n\n
                                                  • Service and schedule management<\/li>\n\n\n\n
                                                  • Billing and invoicing<\/li>\n\n\n\n
                                                  • Reports<\/li>\n\n\n\n
                                                  • Settings<\/li>\n<\/ul>\n\n\n\n

                                                    5. Reporting<\/h4>\n\n\n\n
                                                      \n
                                                    • Which reports can be generated<\/li>\n\n\n\n
                                                    • Data export permissions<\/li>\n\n\n\n
                                                    • Analytics access<\/li>\n<\/ul>\n\n\n\n

                                                      Configuring Permissions<\/h3>\n\n\n\n
                                                        \n
                                                      1. Navigate to Settings \u2192 Permission Settings<\/strong><\/li>\n\n\n\n
                                                      2. Select the role you want to configure<\/li>\n\n\n\n
                                                      3. Review the capability checklist<\/li>\n\n\n\n
                                                      4. Enable or disable specific permissions<\/li>\n\n\n\n
                                                      5. Save changes<\/li>\n\n\n\n
                                                      6. Changes apply immediately to all users with that role<\/li>\n<\/ol>\n\n\n\n

                                                        Permission Inheritance<\/h3>\n\n\n\n
                                                          \n
                                                        • Administrator:<\/strong> Has all permissions by default<\/li>\n\n\n\n
                                                        • Clinic Admin:<\/strong> Has clinic-level permissions<\/li>\n\n\n\n
                                                        • Receptionist:<\/strong> Has clinical permissions<\/li>\n\n\n\n
                                                        • Doctor:<\/strong> Has clinical permissions<\/li>\n\n\n\n
                                                        • Patient:<\/strong> Has personal data access only<\/li>\n<\/ul>\n\n\n\n
                                                          \n

                                                          \u26a0\ufe0f WARNING:<\/strong> Disabling critical permissions may prevent users from performing their core duties. Test changes carefully.<\/p>\n<\/blockquote>\n\n\n\n

                                                          \"\"<\/figure>\n\n\n\n
                                                          \n\n\n\n

                                                          Role Capability Matrix<\/strong><\/h2>\n\n\n\n

                                                          Below is a comprehensive matrix showing what each role can do across key features:<\/p>\n\n\n\n

                                                          Appointment Management<\/h3>\n\n\n\n
                                                          Capability<\/th>Admin<\/th>Clinic Admin<\/th>Doctor<\/th>Receptionist<\/th>Patient<\/th><\/tr><\/thead>
                                                          View All Appointments<\/td>\u2705<\/td>\u2705 Clinic Only<\/td>\u2705 Own Only<\/td>\u2705 Clinic Only<\/td>\u2705 Own Only<\/td><\/tr>
                                                          Create Appointments<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td><\/tr>
                                                          Edit Appointments<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u2705<\/td>\u2705 Own<\/td><\/tr>
                                                          Delete Appointments<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u2705<\/td>\u274c<\/td><\/tr>
                                                          Cancel Appointments<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td><\/tr>
                                                          Check-In Patients<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td><\/tr>
                                                          Export Appointments<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u2705<\/td>\u274c<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                                                          Patient Management<\/h3>\n\n\n\n
                                                          Capability<\/th>Admin<\/th>Clinic Admin<\/th>Doctor<\/th>Receptionist<\/th>Patient<\/th><\/tr><\/thead>
                                                          View All Patients<\/td>\u2705<\/td>\u2705 Clinic Only<\/td>\u2705 Assigned<\/td>\u2705 Clinic Only<\/td>\u2705 Self<\/td><\/tr>
                                                          Add Patients<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td><\/tr>
                                                          Edit Patients<\/td>\u2705<\/td>\u2705<\/td>\u2705 Assigned<\/td>\u2705<\/td>\u2705 Own Profile<\/td><\/tr>
                                                          Delete Patients<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Export Patient Data<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u274c<\/td>\u2705 Own Data<\/td><\/tr>
                                                          View Medical History<\/td>\u2705<\/td>\u2705<\/td>\u2705 Assigned<\/td>\u26a0\ufe0f Limited<\/td>\u2705 Own<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                                                          Clinical Records<\/h3>\n\n\n\n
                                                          Capability<\/th>Admin<\/th>Clinic Admin<\/th>Doctor<\/th>Receptionist<\/th>Patient<\/th><\/tr><\/thead>
                                                          View Encounters<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u26a0\ufe0f Limited<\/td>\u2705 Own<\/td><\/tr>
                                                          Create Encounters<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Edit Encounters<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Delete Encounters<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Create Prescriptions<\/td>\u2705<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          View Prescriptions<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u26a0\ufe0f Limited<\/td>\u2705 Own<\/td><\/tr>
                                                          Medical Records \ud83d\udd37 PRO<\/td>\u2705<\/td>\u2705<\/td>\u2705 Assigned<\/td>\u26a0\ufe0f Limited<\/td>\u2705 Own<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                                                          Staff & Clinic Management<\/h3>\n\n\n\n
                                                          Capability<\/th>Admin<\/th>Clinic Admin<\/th>Doctor<\/th>Receptionist<\/th>Patient<\/th><\/tr><\/thead>
                                                          Manage Clinics \ud83d\udd37 PRO<\/td>\u2705 All<\/td>\u2705 Own<\/td>\u274c<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Add Doctors<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Edit Doctors<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own Profile<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Add Receptionists<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u274c<\/td>\u274c<\/td><\/tr>
                                                          Manage Services<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u26a0\ufe0f View Only<\/td>\u26a0\ufe0f View Only<\/td><\/tr>
                                                          Manage Schedules<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u26a0\ufe0f View Only<\/td>\u26a0\ufe0f View Only<\/td><\/tr>
                                                          Configure Settings<\/td>\u2705<\/td>\u2705 Clinic<\/td>\u274c<\/td>\u274c<\/td>\u274c<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                                                          Billing & Financial \ud83d\udd37 PRO<\/h3>\n\n\n\n
                                                          Capability<\/th>Admin<\/th>Clinic Admin<\/th>Doctor<\/th>Receptionist<\/th>Patient<\/th><\/tr><\/thead>
                                                          View All Bills<\/td>\u2705<\/td>\u2705 Clinic Only<\/td>\u26a0\ufe0f Limited<\/td>\u2705 Clinic Only<\/td>\u2705 Own Only<\/td><\/tr>
                                                          Create Bills<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u2705<\/td>\u274c<\/td><\/tr>
                                                          Edit Bills<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u2705<\/td>\u274c<\/td><\/tr>
                                                          Process Payments<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u2705<\/td>\u2705 Own<\/td><\/tr>
                                                          Generate Invoices<\/td>\u2705<\/td>\u2705<\/td>\u274c<\/td>\u2705<\/td>\u274c<\/td><\/tr>
                                                          Financial Reports \ud83d\udd37 PRO<\/td>\u2705<\/td>\u2705 Clinic Only<\/td>\u274c<\/td>\u26a0\ufe0f Limited<\/td>\u274c<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                                                          Reports & Analytics \ud83d\udd37 PRO<\/h3>\n\n\n\n
                                                          Capability<\/th>Admin<\/th>Clinic Admin<\/th>Doctor<\/th>Receptionist<\/th>Patient<\/th><\/tr><\/thead>
                                                          Dashboard Statistics<\/td>\u2705 All<\/td>\u2705 Clinic<\/td>\u2705 Personal<\/td>\u26a0\ufe0f Limited<\/td>\u2705 Personal<\/td><\/tr>
                                                          Generate Reports<\/td>\u2705 All<\/td>\u2705 Clinic<\/td>\u2705 Personal<\/td>\u26a0\ufe0f Limited<\/td>\u274c<\/td><\/tr>
                                                          Export Reports<\/td>\u2705<\/td>\u2705<\/td>\u2705 Own<\/td>\u26a0\ufe0f Limited<\/td>\u2705 Own Data<\/td><\/tr>
                                                          View Analytics<\/td>\u2705<\/td>\u2705<\/td>\u2705 Personal<\/td>\u26a0\ufe0f Limited<\/td>\u274c<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

                                                          Legend:<\/strong><\/p>\n\n\n\n

                                                            \n
                                                          • \u2705 Full Access<\/li>\n\n\n\n
                                                          • \u26a0\ufe0f Limited\/View Only Access<\/li>\n\n\n\n
                                                          • \u274c No Access<\/li>\n<\/ul>\n\n\n\n
                                                            \n\n\n\n

                                                            How Access Control Works<\/strong><\/h2>\n\n\n\n

                                                            Understanding how KiviCare enforces access control helps ensure security and proper system usage.<\/p>\n\n\n\n

                                                            Menu & UI Level<\/strong><\/h3>\n\n\n\n
                                                              \n
                                                            • Dynamic Menu Display:<\/strong> Menu items are automatically hidden<\/strong> if a user lacks permission<\/li>\n\n\n\n
                                                            • Conditional Buttons:<\/strong> Action buttons (edit, delete, etc.) only appear when allowed<\/li>\n\n\n\n
                                                            • Role-Based Dashboards:<\/strong> Each role sees a customized dashboard relevant to their work<\/li>\n<\/ul>\n\n\n\n

                                                              Backend Security<\/strong><\/h3>\n\n\n\n
                                                                \n
                                                              • Capability Checks:<\/strong> All actions are validated against user capabilities<\/li>\n\n\n\n
                                                              • API Endpoint Protection:<\/strong> REST API requests verify permissions<\/li>\n\n\n\n
                                                              • Database Query Filtering:<\/strong> Database queries automatically filter data based on role<\/li>\n\n\n\n
                                                              • Action Hooks:<\/strong> WordPress action hooks ensure multi-layer security<\/li>\n<\/ul>\n\n\n\n

                                                                Data Isolation<\/strong><\/h3>\n\n\n\n
                                                                  \n
                                                                • Clinic-Based Filtering:<\/strong> Multi-clinic setups isolate data per clinic<\/li>\n\n\n\n
                                                                • Doctor-Patient Association:<\/strong> Doctors only see patients assigned to them<\/li>\n\n\n\n
                                                                • Personal Data Protection:<\/strong> Patients only access their own records<\/li>\n\n\n\n
                                                                • Role Hierarchy:<\/strong> Lower roles cannot access higher-level administrative data<\/li>\n<\/ul>\n<\/div>","protected":false},"excerpt":{"rendered":"

                                                                  Complete guide to User Roles & Access Control in KiviCare Lite. Learn how to effectively use this feature with step-by-step instructions and best practices.<\/p>\n","protected":false},"author":12,"featured_media":0,"parent":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[],"class_list":["post-20","post","type-post","status-publish","format-standard","hentry","category-core-concepts"],"featured_image_src":null,"author_info":{"display_name":"wordpressadminiq","author_link":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/author\/wordpressadminiq\/"},"_links":{"self":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts\/20","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/comments?post=20"}],"version-history":[{"count":10,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts\/20\/revisions"}],"predecessor-version":[{"id":2724,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/posts\/20\/revisions\/2724"}],"wp:attachment":[{"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/media?parent=20"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/categories?post=20"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/documentation.iqonic.design\/kivicare-wordpress\/wp-json\/wp\/v2\/tags?post=20"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}