WithinEHR User Permissions Guide
Proper permissions ensure every team member can access the features and data they need — and nothing more. This protects patient privacy, maintains HIPAA compliance, and provides each user with a focused, relevant interface.
Why Permissions Matter
- Data Security: Limiting access to PHI to only those who need it satisfies HIPAA's "Minimum Necessary" principle.
- Operational Clarity: Users see only the tools relevant to their role, reducing confusion and errors.
- Audit Integrity: Every action is tied to a specific user — accurate permissions ensure audit trails reflect who actually performed each action.
Available Roles
| Role | Access Level |
|---|---|
| Clinician | Clinical records, notes, appointments, messaging |
| Practice Manager | Full administrative and clinical access |
| Scheduler | Scheduling, client records (limited), communications |
| Billing Specialist | Billing, invoices, payments, insurance |
| Supervisor | Staff management, reporting, operational oversight |
How to Assign Permissions
- Click Settings on the navigation pane.
- Select Team.
- Choose the team member you want to update.
- Click Show Permissions at the bottom of the screen.
- Select or deselect the permissions you want to grant.
- Click Save.