User Roles and Permissions
CareLog implements a comprehensive role-based access control (RBAC) system to ensure proper security and privacy.
Overview
CareLog supports five distinct user roles, each with specific permissions and responsibilities:
- Hospital Admin
- Doctor
- Nurse
- Patient
- Family Member
Role Descriptions
Hospital Admin
Responsibilities:
- Complete system administration
- User account management
- System security oversight
- Audit log monitoring
Permissions:
- Create, modify, and delete user accounts
- View and manage all patient records
- Access audit logs
- Configure system settings
- Perform data backups
- View all emergency calls
- Manage user role assignments
Restrictions:
- Should follow the principle of least privilege
- Actions are logged in the audit trail
Doctor
Responsibilities:
- Patient medical care
- Diagnosis and treatment
- Prescription management
- Medical record maintenance
Permissions:
- View all patient medical records
- Create and update diagnoses
- Prescribe medications
- Schedule appointments
- View patient health logs (including sensitive)
- Access patient emergency history
Restrictions:
- Cannot manage user accounts
- Cannot access audit logs
- Cannot modify system settings
Nurse
Responsibilities:
- Patient health monitoring
- Emergency response
- Health status tracking
- Patient care coordination
Permissions:
- View patient medical records
- Monitor patient health logs
- Respond to emergency calls
- Update patient health status
- View patient information
- Access emergency call system
Restrictions:
- Cannot create diagnoses
- Cannot prescribe medications
- Cannot manage user accounts
- Cannot access audit logs
Patient
Responsibilities:
- Personal health management
- Health logging
- Appointment scheduling
- Emergency communication
Permissions:
- View own medical records
- Log daily health status
- Mark health logs as sensitive
- Request appointments
- Make emergency calls
- Submit feedback
- View own prescriptions and diagnoses
Restrictions:
- Can only view own information
- Cannot access other patients' data
- Cannot modify medical diagnoses
- Cannot manage user accounts
Family Member
Responsibilities:
- Monitor linked patient health
- Support patient care
- Communicate with medical staff
Permissions:
- View linked patient information (non-sensitive)
- Request visits
- View patient health logs (non-sensitive only)
- Receive notifications about linked patients
- View appointment schedules
Restrictions:
- Cannot view sensitive health information
- Cannot view detailed medical records
- Must be linked to patients by admin
- Cannot modify patient data
- Cannot access emergency call system directly
Permission Matrix
| Feature | Admin | Doctor | Nurse | Patient | Family |
|---|---|---|---|---|---|
| User Management | ✓ | ✗ | ✗ | ✗ | ✗ |
| View Audit Logs | ✓ | ✗ | ✗ | ✗ | ✗ |
| Create Diagnosis | ✗ | ✓ | ✗ | ✗ | ✗ |
| Prescribe Medication | ✗ | ✓ | ✗ | ✗ | ✗ |
| Respond to Emergency | ✓ | ✓ | ✓ | ✗ | ✗ |
| View Own Records | ✓ | ✓ | ✓ | ✓ | Limited |
| View All Patients | ✓ | ✓ | ✓ | ✗ | ✗ |
| Log Health Status | ✗ | ✗ | ✗ | ✓ | ✗ |
| Make Emergency Call | ✗ | ✗ | ✗ | ✓ | ✗ |
| View Sensitive Data | ✓ | ✓ | ✓ | Own Only | ✗ |
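
The matrix above can be enforced as a deny-by-default lookup plus an object-level check for the scoped cells ("Own Only", and the Family Member's non-sensitive, linked-patient access). This is an added example, not CareLog's own code. The feature keys, the `User` type and its `linked_patients` field are assumed names.

```python
from dataclasses import dataclass
from enum import Enum

class Role(Enum):
    ADMIN = "Hospital Admin"
    DOCTOR = "Doctor"
    NURSE = "Nurse"
    PATIENT = "Patient"
    FAMILY = "Family Member"

A, D, N, P, F = Role.ADMIN, Role.DOCTOR, Role.NURSE, Role.PATIENT, Role.FAMILY

# Unconditional grants, transcribed from the ✓ cells of the matrix (keys are assumed names).
# Scoped cells ("Own Only", "Limited") are handled in can_view_health_log().
MATRIX = {
    "user_management": {A},
    "view_audit_logs": {A},
    "create_diagnosis": {D},
    "prescribe_medication": {D},
    "respond_to_emergency": {A, D, N},
    "view_all_patients": {A, D, N},
    "log_health_status": {P},
    "make_emergency_call": {P},
    "view_sensitive_data": {A, D, N},
}

@dataclass(frozen=True)
class User:
    user_id: str
    role: Role                                 # exactly one role per user
    linked_patients: frozenset = frozenset()   # assumed field, set by an admin

def is_allowed(user, feature):
    """Deny by default: unknown features and unlisted roles get False."""
    return user.role in MATRIX.get(feature, set())

def can_view_health_log(user, patient_id, sensitive):
    """Object-level check for one health log entry belonging to patient_id."""
    if is_allowed(user, "view_all_patients"):
        return (not sensitive) or is_allowed(user, "view_sensitive_data")
    if user.role is Role.PATIENT:
        return user.user_id == patient_id      # "Own Only", sensitive included
    if user.role is Role.FAMILY:
        return patient_id in user.linked_patients and not sensitive
    return False
```

The role check alone is not enough for Patient and Family Member requests: the record's owner and sensitivity flag must be part of every decision, which is what `can_view_health_log` adds.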
Role Assignment
- Roles are assigned by Hospital Admins during user creation
- Users cannot change their own roles
- Each user has exactly one role
- Role changes are logged in the audit system
Security Considerations
- Principle of Least Privilege: Users have only the permissions necessary for their role
- Separation of Duties: Critical operations require multiple roles
- Audit Trail: All role-based actions are logged
- Account Monitoring: Admins review role assignments regularly
Best Practices
- Assign roles based on job function
- Review permissions regularly
- Disable accounts when no longer needed
- Train users on their role responsibilities
- Monitor for privilege escalation attempts