Client Record Access Delegation

One of the key features of ClientManager CRM is the client record access delegation system, which allows for secure and controlled access to client information. This article explains how client record access delegation works in ClientManager.

Access Hierarchy in ClientManager

Client record access in ClientManager is structured around two primary entities: practices and advisers. Practices can contain multiple advisers, while advisers can be linked to specific clients within a practice. Here is an overview of the access hierarchy in ClientManager:

1. Practices: A practice serves as a distinct silo within ClientManager. Each practice has its associated clients which cannot be shared with other practics. Practices can have multiple advisers.
2. Advisers: Advisers are individuals within a practice who provide financial advice and manage client relationships. An adviser can be linked to one or more clients within their practice.
3. Administrators: Office staff can be linked to one or more advisers and perform supporting functions within the practice.
4. Clients: Clients are individuals or entities for whom financial planning services are provided. Clients are linked to a specific practice and can have one or more advisers associated with them.

Access Control Rules

Client record access in ClientManager follows a set of strict access control rules to maintain privacy and security. Here's how these rules work:

1. Practice Members' Access: If a client exists within a practice and does not have any advisers linked to them, all practice members will have access to that client, provided they have the general 'access' permission within the practice.
2. Adviser Access: As soon as an adviser is linked to a client, only linked advisers will have access to that client's information. Any practice members not linked to the client will then be denied access. They will receive an error message stating, "Permission Denied: You don't have access to this client record. The client you're trying to access is associated with your practice, but you haven't been granted access to it."
3. Delegated Access: To gain access to a client's record where you are not a linked adviser, you will need to be added as a linked adviser to that specific client. Staff members linked as supporting staff for an adviser will automatically have access to that adviser's clients. Delegating access can be done by:
   1. Another adviser who already has access to the client.
   2. Someone with the 'Perms' permission, which grants them the ability to manage access permissions.
   3. A practice principal who has administrative control over the practice.

Example: Ensuring Secure and Controlled Access

In the diagram above each practice (A, B, C, D) has their own database of clients. Users in a practice can never access clients owned by another practice. Any clients not linked to an adviser will be accessible to everyone within the practice. 

Certain clients have been linked to advisers in the relationships tab. The green arrows in the diagram represent client-adviser links. Adviser 1 and Adviser 2 have both given Assistant 1 delegate access to their accounts (represented by the orange arrow). This means that Assistant 1 can access all clients whom Advisers' 1 and 2 have access to.

If Adviser 3 grants delegate access to Adviser 2 it would mean that Assistant 1 would also gain access to those clients. As delegation allows access to all clients a user would normally have access to, delegate access will cascade down to other delegates.

To only provide access to specific clients, Adviser 3 could add Adviser 2 to those individual profiles with a 0% (or more) fee-split. A 0% fee-split allows access without resulting in a commission split on application forms. Assistant 1 would also gain access to those individual clients by virtue of their delegate access to Adviser 2's account.