ShiftCare offers flexible role-based access control, allowing you to assign different levels of permissions to your staff based on their responsibilities. Roles determine:
What features certain staff/users can see and interact with
The level of control they have over each feature
Assigning the correct roles ensures users can do their work without accessing data or features they don’t need. Thus, it is crucial to assign appropriate roles to all your team members.
You can choose from Base Roles provided by ShiftCare or create Custom Roles tailored to your organisation’s structure.
Roles Dashboard
Navigate to Account > Roles from the sidebar menu.
Here, you will see a dashboard designed to make managing user access easy.
The top of the page displays cards for both Base Roles and Custom Roles, showing the total number of users currently assigned to each. You can click 'Show More' to expand the list.
The Users Tab displays a searchable table of your staff, including their Name, Role, and Email. Clicking a staff member's name will direct you to their staff details page. If you click a role card at the top of the page, it will automatically filter this table to show only users with that specific role.
The Roles Tab displays your list of roles with advanced filtering options. Here, you can search for specific roles and tick the checkboxes to hide empty roles or hide base roles. Click the pen icon to edit a role's data access controls and permissions (for custom roles), and click the trash bin icon to delete a custom role.
Base Roles
To help determine which role to assign to each member, below is an overview of the base roles:
Role | Access Summary |
Admin | Full access to all features. Can view, edit, add, update, and archive any information on any feature. |
Coordinator | Ideal for team leaders or coordinators. Can manage some client details. |
HR | Suited for the human resources team. Primarily focused on staff-related access. |
Ops | Can create and edit staff and client profiles and manage rosters. Cannot generate invoices or access organisation-wide billing reports, but can view individual client billing reports and total amounts for the shifts. |
Office Support | Designed for office finance/admin teams. Primarily focused on invoice creation. |
Staff | Best used for care workers, support workers, or carers. Can manage availability, clock in/out, view shift details (including description/date/time/location/client name), add shift notes, and view client documents. |
Kiosk | For use in group homes with reception areas using a shared tablet or computer. Click here to know more. |
Account Owner | Has Admin access plus additional permissions. See the Account Owner section for details. |
For a more detailed view, please refer to this table outlining the access level of each user type:
✅ Full access
❌ No access
👁 View only
Menu | Admin | Coordinator | HR | Office Support | Ops | Staff |
Scheduler | ✅ | ✅ | ✅ | 👁 | ✅ | 👁 |
Staff | ✅ | 👁 | ✅ | ❌ | ✅ | ❌ |
Clients | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ |
Incidents | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Invoices* | ✅ | ✅ | ❌ | ✅† | ❌ | ❌ |
Reports | ✅ | ✅ | ✅** | ✅† | ✅** | ❌ |
Account Settings | ✅ | ❌ | ❌ | ❌ | ❌†† | ❌ |
✅ | ❌ | ❌ | ❌ | ✅ | ❌ | |
Bulk SMS | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |
✅ | ✅ | ❌ | ✅ | ✅ | ❌ | |
✅ | ❌ | ❌ | ❌ | ✅ | ❌ | |
✅ | ❌ | ❌ | ❌ | ❌ | ❌ |
👉🏽 Level of access decreases from left to right. A user with a lower-level role cannot invite or change the access of someone with higher access. For example, an Ops user cannot change an Admin user’s role, but an Admin can change an Ops user’s role.
* Generation and management. Requires a Pro or Premium subscription to access this feature.
** No financial reports shown.
† No staff management report types (e.g. timesheet and KPI). Exports cannot be downloaded via the notifications in the software, but they can be downloaded via the notification email.
†† The Ops role can only access Account > Reminders.
Editing Base Roles
Admin users can click the pen icon on any base role to configure its Data Access Controls and Granular Client Permissions (see the section below).
Data Access Controls
When creating or editing any role, you can set specific data access policies that dictate exactly which client and staff details that role is permitted to see.
These permissions are strictly enforced across the entire platform, including the client list, client profile pages, the scheduler, reports, and exports.
At the top of the permission groups, you will see three main Data Access scope controls. These determine whether the user has access to all records, team-based records, or no records at all.
Available options:
Manage Clients*
No: The user has no access to clients. The client list will be empty, and all client sections will be hidden. (Setting this to No will automatically override and hide all granular permissions below it).
Yes (All Clients): The user can access all clients in the account.
Team Based: The user will only see clients who belong to the same Teams/Segments that they are assigned to.
Manage eMAR
No Access: The eMAR tab is hidden. No access to medication records.
All Clients: Full access to eMAR records for all clients in the account.
Team Based: Only see eMAR data for clients in the user's assigned teams.
Manage Invoices
No Access: The Invoices tab and billing data are hidden.
All Clients: Full access to invoices for all clients in the account.
Team Based: Only see invoice data for clients in the user's assigned teams.
Note: These policies work independently. For example, a role could have 'Team Based' client access but 'All Clients' invoice access.
*Granular Client Permissions
For the Manage Clients section, you can drill down even further. Once you grant 'Yes' or 'Team Based' access to Manage Clients, you can configure granular permissions for almost every section of the client profile.
These options typically offer three levels of access:
No Access: The tab or section is completely hidden from the user.
Read Only: The tab or section is visible, but the user cannot edit, add, or delete information.
Full Access: The user can view and edit the information.
You can apply these granular controls to Demographic Fields (such as Gov IDs, Contact Info, and Funding), Settings (such as Emergency Contacts and Care Info), and specific Profile Tabs (such as Care Plans and Goals).
Certain sensitive actions only have two options (No Access or Full Access). These include the ability to:
Create or Archive Clients
Manage Family Portal Invites
View Private Communications/Responses
View Forms Activity Logs
Custom Roles
Custom roles allow administrators to tailor user access levels within the software by creating roles with specific permissions and restrictions, ensuring users only see the features they need.
Create a custom role when:
None of the base roles (e.g. Admin, Ops, HR) meet your needs.
You want to restrict access to areas like Invoicing, Reporting, or Team Management.
You need to maintain data security while supporting specific operational access.
Creating a New Custom Role
Navigate to Account > Roles from the sidebar menu and click 'Add New Role'.
Choose a base role from the dropdown menu to prefill default permissions. You’ll be able to customise everything later.
Enter the details of the new role.
Role Name: Use a clear, descriptive name (e.g. “Admin Assistant”, “Finance Assistant”).
Role Description: Summarise what the role does and its intended access level. This will be helpful for audits and team management.
Configure role permissions and data access controls. Click the small arrows to reveal the categories and select each box based on what the user should be able to access.
Role permissions include access to Smart Match, Invoice Management, Reports, Medication Management, and other features such as Account Settings. Click here for more details on the categories.
Click 'Save' to confirm the custom role.
You can now assign this role to any user through their Staff Profile > Settings > Role. Select 'Other' to access the Custom Role dropdown menu.
You can delete a custom role by clicking the trash bin icon. You can only delete a custom role if it has 0 users assigned to it.
Tips for Managing Custom Roles
Use clear role names to avoid confusion.
Review roles quarterly or when staff responsibilities change.
Test roles using a dummy account to confirm permissions are working as expected.
Avoid assigning access to sensitive features like account settings or payroll unless absolutely required.
Account Owner
Every ShiftCare account must have at least one user with the Admin role. Typically, this is the person who created the account. This person is designated as the Account Owner.
In addition to full admin access, the Account Owner can enable PDF file downloads via the app (these are read-only by default). This setting is available in the Account > Settings page.
Read this to learn how to change the owner of your ShiftCare account.
Frequently Asked Questions (FAQs)
How can I update base roles and permissions?
Base roles in ShiftCare are currently fixed and can’t be edited.
If you need more flexibility, you can create tailored access levels using the Custom Roles feature to suit your team’s needs.
We understand that being able to edit base role permissions would be helpful, and this is something being considered for a future release.
Can I restrict an office staff member’s access to only one participant?
Yes, this can be achieved by using custom roles and team-based access controls.
To set this up:
Create a custom role
Configure the role with the required permissions (e.g. rostering, viewing shift notes).Set data access to team-based
For relevant sections such as:Client Details
Client Communications
Client Forms
Set access to Team-based.
Assign the role to the staff member
Apply the custom role to the office staff member.Create a team
Create a team specifically for this staff member and the participant.Add the staff member and participant to the team
This ensures the staff member can only access information related to that participant.
For further assistance with Role Management, please contact our Support team using online chat when you're logged into ShiftCare, or email our Support team at support@shiftcare.com.