Roles & Permissions
BeeSeen Clinic uses role-based access control (RBAC) to ensure each team member sees only what they need.
Role Overview
Clinic Admin
Full control of the clinic:
- All settings and configuration
- Staff management
- Subscription and billing
- All reports and analytics
- Impersonate other users (for support)
Doctor
Clinical access:
- Patient records (full read/write)
- Appointments (view and manage own)
- Prescriptions and medical records
- Queue management
- Limited reports (own patients)
Receptionist
Front desk operations:
- Appointments (create, modify, cancel)
- Queue management
- Patient check-in/out
- Basic patient info (no medical records)
- Payment collection
Accountant
Financial access only:
- All financial reports
- Payment records
- Invoice management
- No patient records
- No appointments
Permission Matrix
| Feature | Admin | Doctor | Receptionist | Accountant |
|---------|-------|--------|--------------|------------|
| Dashboard | ✅ Full | ✅ Clinical | ✅ Queue | ✅ Financial |
| Patients | ✅ All | ✅ Own | 👀 Basic | ❌ None |
| Medical Records | ✅ All | ✅ Own | ❌ None | ❌ None |
| Appointments | ✅ All | ✅ Own | ✅ All | ❌ None |
| Queue | ✅ All | ✅ Own | ✅ All | ❌ None |
| Billing | ✅ All | 👀 View | ✅ Collect | ✅ All |
| Reports | ✅ All | ✅ Clinical | ❌ None | ✅ Financial |
| Staff | ✅ Manage | ❌ None | ❌ None | ❌ None |
| Settings | ✅ All | ❌ None | ❌ None | ❌ None |
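The record-level rows of the matrix above, encoded as a deny-by-default authorization check. This is an added example, not BeeSeen Clinic's own code. The names `MATRIX`, `SCOPE_ACTIONS` and `is_allowed`, the action names, and the mapping from each scope to permitted actions are assumptions made for illustration.

```python
# Added example: names and scope semantics are hypothetical, not BeeSeen's API.
ROLES = ("admin", "doctor", "receptionist", "accountant")

# Rows copied from the permission matrix; column order follows ROLES.
MATRIX = {
    "patients":        ("all", "own", "basic", "none"),
    "medical_records": ("all", "own", "none", "none"),
    "appointments":    ("all", "own", "all", "none"),
    "queue":           ("all", "own", "all", "none"),
    "billing":         ("all", "view", "collect", "all"),
    "staff":           ("manage", "none", "none", "none"),
    "settings":        ("all", "none", "none", "none"),
}

ALL_ACTIONS = {"read", "write", "collect"}

# Assumed meaning of each scope: the set of actions it permits.
SCOPE_ACTIONS = {
    "all": ALL_ACTIONS,
    "manage": ALL_ACTIONS,
    "own": {"read", "write"},        # plus the ownership check below
    "basic": {"read"},               # caller must also strip clinical fields
    "view": {"read"},
    "collect": {"read", "collect"},
    "none": set(),
}

def is_allowed(role, feature, action, user_id=None, owner_id=None):
    """Return True only if the matrix explicitly grants the action."""
    if role not in ROLES or feature not in MATRIX:
        return False                 # unknown role or feature: deny
    scope = MATRIX[feature][ROLES.index(role)]
    if action not in SCOPE_ACTIONS[scope]:
        return False                 # action not granted by this scope
    if scope == "own":
        # "Own" rows require the record to belong to the requesting user.
        return user_id is not None and user_id == owner_id
    return True
```

The ownership comparison is the part most often missed: a role-only check would let any doctor open any other doctor's records, which the "Own" cells rule out.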
Security Features
- Audit logging of all actions
- Session timeout after inactivity
- Password complexity requirements
- Two-factor authentication (Enterprise)