
Overview

Paw & Care uses role-based access control (RBAC) to ensure team members have appropriate access to patient data and practice management features. The platform supports four primary user roles, each with carefully defined permissions to maintain data security while enabling efficient workflows.

User Roles

Veterinarian

Veterinarians have full clinical access with the ability to create, edit, and finalize medical records.
Key Capabilities:
  • Create and dictate SOAP notes using AI voice-to-text
  • View and update patient medical records
  • Access complete patient history and vitals
  • Finalize medical records for billing
  • Accept or reject AI-generated clinical insights
  • Prescribe medications and create treatment plans
  • View billing information (read-only)
  • Access appointment schedules
Restrictions:
  • Cannot delete finalized medical records
  • Cannot modify practice-level settings
  • Cannot manage user accounts
  • Cannot access audit logs
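// Veterinarians can finalize records, but cannot delete them or access audit logs.
// Flags start as false so that any other role is denied by default.
let canFinalizeRecord = false;
let canDeleteRecord = false;
let canAccessAuditLogs = false;

if (userRole === 'veterinarian') {
  canFinalizeRecord = true;
  canDeleteRecord = false;
  canAccessAuditLogs = false;
}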

Practice Manager

Practice managers have administrative access to all features, including user management, practice settings, and financial reporting.
Key Capabilities:
  • Full access to all veterinarian features
  • Manage user accounts and assign roles
  • Configure practice settings and branding
  • Access complete billing and invoicing system
  • Generate advanced reports and analytics
  • Configure AI voice assistant settings
  • View and export audit logs
  • Manage email templates
  • Delete records (with audit trail)
  • Export practice data
Special Permissions:
  • Only role that can delete medical records (soft delete with audit trail)
  • Can override appointment booking restrictions
  • Can access sensitive financial data
Practice Manager accounts should be limited to trusted administrative staff. All actions are logged in the audit system for compliance.

Veterinary Technician

Technicians have limited clinical access focused on patient care support and appointment management.
Key Capabilities:
  • View patient records and medical history
  • Update patient vitals and measurements
  • Add appointment notes and observations
  • View appointment schedules
  • Check in patients for appointments
  • Access client contact information
  • View billing information (read-only)
  • Upload patient photos
Restrictions:
  • Cannot create or edit SOAP notes
  • Cannot finalize medical records
  • Cannot prescribe medications
  • Cannot access practice settings
  • Cannot manage users
  • Limited billing access (view only)
Technicians can contribute valuable observations through appointment notes, which veterinarians can review when creating medical records.

Front Desk Staff

Front desk staff focus on scheduling, client communication, and basic administrative tasks.
Key Capabilities:
  • Full appointment scheduling access
  • Create and update client profiles
  • Monitor AI voice assistant calls
  • View basic patient information
  • Send invoices to clients
  • Book appointments from AI call logs
  • Manage appointment reminders
  • Access call transcripts
Restrictions:
  • No access to medical records
  • Cannot view detailed clinical information
  • Cannot create SOAP notes
  • Cannot access financial reports
  • Cannot modify practice settings
  • Limited patient data visibility
Front desk staff cannot access medical records to maintain patient privacy and HIPAA-equivalent compliance.

Permission Matrix

The table below provides a comprehensive view of feature access across all roles:
Feature | Veterinarian | Practice Manager | Technician | Front Desk
Clinical Features
View Medical Records
Create/Edit SOAP Notes
Finalize Medical Records
Delete Records
Voice Dictation
Clinical Insights
Prescribe Medications
Patient Management
View Patient Records: Limited
Create/Edit Patients
Update Vitals
Upload Photos
View Vaccination History
Scheduling
View Appointments
Book Appointments
Reschedule/Cancel
Check-in Patients
Billing
View Invoices: View Only, Send Only
Create Invoices
Mark as Paid
Financial Reports
Administration
Practice Settings
User Management
Audit Logs
Template Management
AI Voice Config
Communication
AI Call Monitoring
View Call Transcripts
Email Templates: View, View, View
Send Communications

Managing User Accounts

Adding a New User

1. Navigate to User Management

From the web application, click Settings → User Management (Practice Manager only).

2. Create User Account

Click Add User and fill in:
  • Full name
  • Email address (will be used for login)
  • Phone number
  • Assigned role
  • Employment title (e.g., “DVM”, “Veterinary Technician”)

3. Send Invitation

The system sends an automated email invitation with:
  • Temporary password
  • Login instructions
  • Link to iOS app download (if applicable)

4. User Activates Account

The new user logs in and must:
  • Change temporary password
  • Set up biometric authentication (iOS)
  • Review assigned permissions

Modifying User Roles

Changing a user’s role immediately updates their permissions. Active sessions remain valid but reflect new permissions on next action.
To change a role:
  1. Navigate to User Management
  2. Click on the user’s name
  3. Select Edit Role
  4. Choose new role from dropdown
  5. Confirm the change
  6. System logs the role change in audit trail
Important: Role changes are logged with:
  • Timestamp
  • Admin who made the change
  • Previous and new role
  • IP address

Deactivating Users

When a team member leaves:
  1. Navigate to their user profile
  2. Click Deactivate Account
  3. Choose deactivation reason (optional)
  4. User loses all access immediately
  5. Historical records remain attributed to the user
  6. Account can be reactivated if needed
Deactivated users still appear in audit logs and medical record history to maintain data integrity.

Authentication & Security

Password Requirements

All users must create passwords meeting these criteria:
  • Minimum 12 characters
  • At least one uppercase letter
  • At least one lowercase letter
  • At least one number
  • At least one special character
  • Cannot be a previously used password
  • Must be changed every 90 days

Multi-Factor Authentication (MFA)

Coming Soon

Two-factor authentication via SMS or authenticator app is planned for Q2 2026 to provide an additional security layer for practice managers and veterinarians.

Biometric Authentication (iOS)

iOS app users can enable:
  • Face ID on supported iPhones/iPads
  • Touch ID on older devices
Setup:
  1. Open Paw & Care iOS app
  2. Navigate to Settings → Security
  3. Enable Face ID / Touch ID
  4. Authenticate once to confirm
  5. Future logins use biometric instead of password
Biometric data never leaves the device and is managed by Apple’s Secure Enclave.

Session Management

Security Policies:
  • Sessions timeout after 30 minutes of inactivity
  • Re-authentication required for sensitive actions:
    • Finalizing medical records
    • Deleting data
    • Exporting patient information
    • Changing practice settings
  • Maximum 5 failed login attempts before 15-minute lockout
  • Sessions are invalidated on password change
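
The lockout and idle-timeout limits above, worked through as an added example (not Paw & Care's own code). It assumes the fifth consecutive failure triggers the lockout and that a successful login resets the counter; all function and field names are hypothetical.

```typescript
// Added example: limits are taken from the policy list on this page.
const MAX_FAILED_ATTEMPTS = 5;
const LOCKOUT_MS = 15 * 60 * 1000;
const IDLE_TIMEOUT_MS = 30 * 60 * 1000;

interface LoginState {
  failedAttempts: number;
  lockedUntil: number; // epoch ms; 0 when the account is not locked
}

type LoginResult = 'success' | 'bad_credentials' | 'locked';

function newLoginState(): LoginState {
  return { failedAttempts: 0, lockedUntil: 0 };
}

// Records one login attempt. passwordOk is the outcome of the credential
// check itself, which is outside the scope of this example.
function recordLogin(state: LoginState, passwordOk: boolean, now: number): LoginResult {
  // While locked, reject every attempt, including one with the right password.
  if (now < state.lockedUntil) return 'locked';
  if (state.lockedUntil !== 0) {
    // The lockout has expired: start a fresh count.
    state.failedAttempts = 0;
    state.lockedUntil = 0;
  }
  if (passwordOk) {
    state.failedAttempts = 0;
    return 'success';
  }
  state.failedAttempts += 1;
  if (state.failedAttempts >= MAX_FAILED_ATTEMPTS) {
    state.lockedUntil = now + LOCKOUT_MS;
    return 'locked';
  }
  return 'bad_credentials';
}

// Manual unlock by a Practice Manager clears both the counter and the lock.
function manualUnlock(state: LoginState): void {
  state.failedAttempts = 0;
  state.lockedUntil = 0;
}

// True once 30 minutes have passed since the session's last activity.
function isSessionIdleExpired(lastActivityAt: number, now: number): boolean {
  return now - lastActivityAt >= IDLE_TIMEOUT_MS;
}
```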

Best Practices

Role Assignment Guidelines

Principle of Least Privilege

Assign the minimum permissions necessary for each team member to perform their job functions.

Regular Access Reviews

Review user accounts and permissions quarterly to ensure they remain appropriate.

Immediate Deactivation

Deactivate accounts on the same day a team member’s employment ends.

Audit Trail Monitoring

Practice managers should periodically review audit logs for unusual access patterns.

Security Recommendations

  1. Unique Credentials: Never share login credentials between users
  2. Strong Passwords: Use a password manager to generate secure passwords
  3. Device Security: Enable device encryption and lock screens
  4. Public WiFi: Avoid accessing patient data on unsecured networks
  5. Lost Devices: Report lost/stolen devices immediately for remote session termination

Compliance Considerations

Paw & Care’s role-based access control helps maintain compliance with:
  • Veterinary practice data protection standards
  • HIPAA-equivalent requirements for animal health records
  • State veterinary board regulations
  • Professional liability insurance requirements
All access to patient records is logged. Unauthorized access may result in disciplinary action and legal liability.

Troubleshooting

Common Issues

Solution: Verify their role has the required permission in the permission matrix above. If not, a Practice Manager must update their role.
Solution: Click “Forgot Password” on the login screen. An email with a reset link is sent within 2 minutes. The link expires after 1 hour.
Solution: Wait 15 minutes for automatic unlock, or contact Practice Manager for manual unlock.
Solution:
  1. Ensure Face ID/Touch ID is enabled in device settings
  2. Re-register biometric in app: Settings → Security → Re-enable Face ID
  3. If issue persists, use password login and contact support
Solution: User must log out and log back in, or force-quit the iOS app to refresh permissions.

API Reference

For developers integrating with Paw & Care’s authentication system:
// Example: Verify if user can finalize records
const canFinalize = (userRole: string): boolean => {
  return ['veterinarian', 'practice_manager'].includes(userRole);
};

if (canFinalize(currentUser.role)) {
  // Show finalize button
}
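
A role check like the one above decides what the interface shows; the same decision has to be repeated on the server for every request. The added example below (not Paw & Care's own code) is a deny-by-default check built from the role lists and re-authentication rules on this page. The `technician` and `front_desk` identifiers, the action names and the 5-minute re-authentication window are assumptions.

```typescript
// Added example, not Paw & Care's code. Only 'veterinarian' and
// 'practice_manager' appear on the page; other identifiers are hypothetical.
type StaffRole = 'veterinarian' | 'practice_manager' | 'technician' | 'front_desk';
type StaffAction =
  | 'view_medical_records' | 'edit_soap_notes' | 'finalize_record'
  | 'update_vitals' | 'book_appointment'
  | 'delete_record' | 'manage_users' | 'view_audit_logs';

const VET: StaffAction[] = ['view_medical_records', 'edit_soap_notes', 'finalize_record'];
const SUPPORT: StaffAction[] = ['update_vitals', 'book_appointment'];
const ADMIN_ONLY: StaffAction[] = ['delete_record', 'manage_users', 'view_audit_logs'];

// Only grants stated in the role lists are included; everything else is denied.
const GRANTS: Record<StaffRole, StaffAction[]> = {
  veterinarian: VET,
  technician: ['view_medical_records', 'update_vitals'],
  front_desk: ['book_appointment'],
  // Practice managers have access to all features.
  practice_manager: VET.concat(SUPPORT, ADMIN_ONLY),
};

// Actions the page lists as requiring re-authentication.
const SENSITIVE: StaffAction[] = ['finalize_record', 'delete_record'];
// Assumption: the page does not say how recent the re-authentication must be.
const REAUTH_WINDOW_MS = 5 * 60 * 1000;

interface StaffSession {
  role: string;         // untrusted until matched against GRANTS
  active: boolean;      // false once the account is deactivated
  lastReauthAt: number; // epoch ms of the last password or biometric check
}

type AuthzDecision = 'allow' | 'deny_deactivated' | 'deny_role' | 'deny_reauth_required';

function authorize(s: StaffSession, action: StaffAction, now: number): AuthzDecision {
  if (!s.active) return 'deny_deactivated';
  // Own-property lookup, so an unknown role string maps to no permissions.
  const known = Object.prototype.hasOwnProperty.call(GRANTS, s.role);
  const granted: StaffAction[] = known ? GRANTS[s.role as StaffRole] : [];
  if (granted.indexOf(action) === -1) return 'deny_role';
  const sensitive = SENSITIVE.indexOf(action) !== -1;
  if (sensitive && now - s.lastReauthAt > REAUTH_WINDOW_MS) return 'deny_reauth_required';
  return 'allow';
}
```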
