User Roles and Permissions
BigBoard uses role-based access control to ensure users have appropriate access to features and information. This guide explains different user roles and how to manage permissions.
Understanding Roles and Permissions
Roles
Roles define a user's position and responsibilities within your organization:
- Administrator - Full system access and management capabilities
- Office Staff - Administrative functions for program management
- Trail Staff - Field operations and session leadership
- Coordinator - Specialized roles with mixed administrative and operational duties
Permissions
Permissions control what actions users can perform:
- View - Can see information but not modify it
- Edit - Can modify existing information
- Create - Can add new items or records
- Delete - Can remove information (usually restricted)
- Manage - Full control over specific areas or functions
User Role Details
Administrator
Administrators have full system access including:
System Management
- User account creation and management
- Organization settings and configuration
- System security and access control
- Data export and reporting tools
Program Management
- All season, trip type, and session management functions
- Full access to user profiles and assignments
- Financial and billing system access
- Equipment and resource management
Reporting and Analytics
- Comprehensive reporting across all areas
- Data analysis and trend identification
- Performance metrics and evaluations
- Audit logs and system activity
Office Staff
Office staff handle day-to-day administrative functions:
Program Operations
- Session creation and management
- Participant enrollment and communication
- Trail staff scheduling and assignment
- Equipment coordination and tracking
User Support
- Limited user account management (for their assigned areas)
- Trail staff communication and support
- Participant and family communication
- Basic reporting and documentation
Financial Functions
- Billing and payment processing (if authorized)
- Budget tracking and expense management
- Financial reporting for assigned programs
Trail Staff
Trail staff focus on field operations and session delivery:
Session Management
- Access to assigned session details
- Participant information and medical forms
- Daily activity planning and documentation
- Equipment checkout and inventory
Communication
- Check-in capabilities with base operations
- Incident reporting and emergency procedures
- Participant and family communication (as appropriate)
- Peer communication and coordination
Field Operations
- Mobile-optimized interfaces for field use
- Offline capabilities for remote areas
- GPS and location tracking features
- Weather and safety information access
Coordinator Roles
Some organizations use coordinator roles that blend administrative and operational functions:
Program Coordinators
- Oversight of specific program areas or trip types
- Staff scheduling and assignment for their programs
- Limited user management for assigned staff
- Program-specific reporting and evaluation
Regional Coordinators
- Geographic area management and oversight
- Local staff coordination and support
- Regional reporting and communication
- Equipment and resource coordination
Permission Management
Setting User Permissions
Coming soon! This section will include step-by-step instructions for:
- Accessing user permission settings
- Assigning and modifying user roles
- Creating custom permission sets
- Managing temporary or seasonal permissions
- Auditing and reviewing user access levels
Permission Categories
Data Access Permissions
- Personal information (participant/staff data)
- Financial information (billing, payments)
- Medical information (forms, incidents)
- Operational data (schedules, logistics)
Functional Permissions
- Create/edit/delete capabilities
- Administrative functions
- Reporting and analytics access
- System configuration changes
Geographic or Program Permissions
- Access limited to specific regions
- Permission limited to certain trip types
- Seasonal or temporary access restrictions
- Equipment or resource-specific permissions
Best Practices
Role Assignment
Follow these principles when assigning roles:
Principle of Least Privilege
- Give users the minimum access needed for their job
- Regularly review and adjust permissions
- Remove unnecessary access promptly
- Document reasons for elevated permissions
Clear Role Definitions
- Maintain written job descriptions that align with system roles
- Train users on their specific permissions and limitations
- Provide clear escalation paths for access requests
- Regular review of role appropriateness
Permission Auditing
Regularly audit user permissions:
Monthly Reviews
- Check for users with excessive permissions
- Identify unused accounts that should be deactivated
- Review temporary permissions that may need extension or removal
- Validate that current permissions match job responsibilities
Seasonal Adjustments
- Update permissions for seasonal staff changes
- Adjust access levels for changing responsibilities
- Archive permissions for off-season staff
- Prepare permissions for returning seasonal staff
Security Considerations
Access Control
Maintain secure access control:
- Use strong authentication methods
- Implement session timeouts for sensitive functions
- Monitor and log permission changes
- Require approval for permission elevation requests
Data Protection
Protect sensitive information:
- Limit access to personal and medical information
- Secure financial and billing data
- Control export and download capabilities
- Monitor data access and usage patterns
Compliance
Ensure compliance with relevant regulations:
- Privacy laws and participant data protection
- Employment law and staff information security
- Financial regulations for billing and payment systems
- Safety regulations and incident reporting requirements
Troubleshooting Permissions
Common Permission Issues
User Cannot Access Expected Features
- Verify their current role assignment
- Check for recent permission changes
- Confirm they're logged in with correct account
- Review any geographic or program restrictions
User Has Too Much Access
- Review their current permissions immediately
- Document any inappropriate access discovered
- Adjust permissions to appropriate level
- Consider whether data breach policies apply
Permission Changes Not Taking Effect
- Verify changes were saved properly
- Check for system caching delays
- Ensure user has logged out and back in
- Contact technical support if issues persist
Next Steps
Understanding roles and permissions helps you maintain proper security and access control. Continue to the Managing User Accounts section to learn about ongoing user administration tasks.