Staff Permissions & Roles

​

Understanding Staff Roles

Kibu uses a role-based access control system to ensure that staff members have the appropriate level of access for their responsibilities. When adding staff members to your organization, it’s important to assign the correct role based on their job functions and responsibilities.

​

Quick Role Comparison

Capability	Staff	Supervisor	Admin	Super Admin
Create service records & quick notes	✓	✓	✓	✓
Manage tasks		✓	✓	✓
Manage groups and org settings			✓	✓
Full medical data access		✓	✓	✓
Organization-wide read access				✓
Billing management				✓

​

Detailed Permissions Matrix

Below are comprehensive tables showing what each role can and cannot do.

Basic Staff Role

Resource	Create	Read	Update	Write
group-settings		✓
analytics		✓
admin		✓
member		✓
service-record	✓	✓		✓
service-record-assignee			✓
service-record-attendance			✓
event	✓	✓	✓
group-file	✓	✓	✓
member-file	✓	✓	✓
admin-file	✓	✓	✓
life-plan		✓
quick-note	✓	✓
emergency-contact		✓
medical-history		✓
forms		✓
medication		✓
mar	✓	✓

Supervisor Role

Resource	Create	Read	Update	Delete	Write
group-settings		✓
analytics		✓
admin		✓
member		✓
service-record	✓	✓		✓	✓
service-record-assignee			✓
service-record-attendance			✓
event	✓	✓	✓	✓
group-file	✓	✓	✓	✓
member-file	✓	✓	✓	✓
admin-file	✓	✓	✓	✓
life-plan		✓	✓	✓
quick-note	✓	✓	✓	✓
emergency-contact	✓	✓	✓	✓
medical-history		✓	✓
forms	✓	✓	✓	✓
medication	✓	✓	✓	✓
mar	✓	✓	✓	✓
live-class			✓
tasks	✓	✓	✓	✓
compliance		✓
time-tracking			✓	✓
communication	✓

Admin Role

Resource	Create	Read	Update	Delete	Write
live-class	✓		✓	✓
tasks	✓	✓	✓	✓
group	✓		✓	✓
group-access			✓
group-settings		✓	✓
analytics		✓
organization-settings		✓	✓
admin	✓	✓	✓	✓
member	✓	✓	✓	✓
permissions			✓
compliance		✓
service-record	✓	✓		✓	✓
service-record-assignee			✓
service-record-attendance			✓
time-tracking			✓	✓
event	✓	✓	✓	✓
communication	✓
group-file	✓	✓	✓	✓
member-file	✓	✓	✓	✓
admin-file	✓	✓	✓	✓
life-plan	✓	✓	✓	✓
medical-data	✓	✓
quick-note	✓	✓	✓	✓
emergency-contact	✓	✓	✓	✓
medical-history		✓	✓
forms	✓	✓	✓	✓
medication	✓	✓	✓	✓
mar	✓	✓	✓	✓

Super Admin Role

Includes all Admin permissions, plus organization-wide capabilities:

• Read all groups across the organization
• Read all members across the organization
• Manage billing

​

Role Descriptions

This section provides detailed descriptions of each role in the system, including their specific permissions and capabilities. Each role builds upon the previous one, with Super Admin having the highest level of access and control.

​

Staff Role

The foundational role for team members working directly with members. Staff members focus on day-to-day interactions and basic documentation.

​

What Staff Can Do

​

Supervisor Role

An enhanced role that includes all Staff permissions plus additional management capabilities. Supervisors oversee staff members and have broader access to organizational tools.

​

What Supervisors Can Do (In Addition to Staff Permissions)

​

Admin Role

Full administrative control with comprehensive access to organizational settings and management tools. Includes all Supervisor permissions plus additional capabilities.

​

What Admins Can Do (In Addition to Supervisor Permissions)

​

Super Admin Role

The highest level of access in the system. Includes all Admin permissions plus organization-wide capabilities.

​

What Super Admins Can Do (In Addition to Admin Permissions)

• Access to all groups across organization
• View all member information
• Modify time tracking entries
• Override system restrictions when necessary
• Access to billing information

​

Best Practices

When assigning roles, consider the following best practices:

1. Principle of Least Privilege: Assign the minimum level of access required for each staff member to perform their duties.
2. Regular Review: Periodically review and update role assignments as staff responsibilities change.
3. Training: Ensure staff members understand the scope and limitations of their assigned roles.