Equip permissions help your organization control what team members can see and do across participant profiles, modules, and reports. The Account Settings → Permissions page includes two areas: Custom Roles for module-level permissions and Report Access for report visibility.
Some records, including individual notes and documents, also have their own Access Controls when they are created or edited. Use those record-level controls when you need to decide exactly which roles can see a specific note or document.
⚙️ Navigate to Permission Settings
Click your profile photo or initials in the top-right corner.
Select Account Settings.
In the left-hand menu, click Permissions.
👥 Custom Roles
Custom Roles define account-level permissions for team members such as admins, supporters, mentors, providers, and other staff roles. These role settings determine which modules a team member can open and what actions they can take.
For each custom role, you can manage:
Scope of support — whether the role can access all participants, only assigned participants, or only limited records.
PHI access — whether the role can access protected health information when available.
Legal access — whether the role can access legal information when available.
Module permissions — whether the role has no access, viewer access, supporter access, or administrator access for each available module.
Module permissions apply to staff roles assigned to users. They do not create a global participant permission matrix for individual notes or documents.
Important: General Admin and Super Admin users have web access enabled by default. If a team member should not have web access, assign them a Supporter role instead of an admin role.
🔐 Record-Level Access for Notes and Documents
Notes and documents can have their own Access Controls when you create or edit the record from a user profile. These controls determine which roles can see or manage that specific note or document.
For individual notes and documents, the available access levels are:
No access — The role cannot view the record.
Viewer — The role can view the record.
Editor — The role can view and manage the record.
Example: To make sure a participant cannot see a specific note, create or edit the note, go to Access Controls, and set the participant role to No access. This controls visibility for that note only.
📊 Report Access
Report Access controls which reports are available to team roles with web access. You can grant or remove access by report type for roles that should be able to run reports.
Report categories may include assessments, employment, events, forms, goals, groups, moods, notes, routines, and users depending on your account configuration.
Click Save after updating report permissions.
💡 Best Practices
Use Custom Roles for broad staff permissions across modules.
Use Access Controls on an individual note or document when visibility needs to be specific to that record.
Review custom roles regularly when job responsibilities change.
Avoid granting broader role access when a record-level visibility change is enough.
❓ FAQs
Can I globally turn off participant access to all notes from Account Settings?
No. Current permissions do not include a global participant note checkbox. Use the note's Access Controls to decide whether the participant can see a specific note.
How do I keep a participant from seeing one note?
Create or edit the note, find Access Controls, and set the participant role to No access.
Do Custom Roles control participant users?
Custom Roles primarily manage team member access. Participants use the account's participant role, and individual note/document visibility is controlled on the record.
Related Articles