Role-based access control
Five roles. Granular permissions. Complete audit trail.
Not everyone in your lab needs access to everything — and not every pharmacy employee should see every record. BioSure’s RBAC gives you precise control over what each user can see and do, with a complete audit trail of every permission change.
What you get, in detail.
- 01 / 04
Five roles with granular permissions
Lab Admin, Lab Employee, Company Admin (client), Company Employee (client), Super Admin. Each role comes with a default permission set across every module and action. Admins can customize permissions at the role level.
- 02 / 04
Per-user permission overrides
Need to give one technician access outside their role, or restrict a user more tightly? BioSure supports per-user overrides layered on top of their role. Override a single permission without changing the role for everyone.
- 03 / 04
Audit trail & activity logs
Every permission change is logged with the acting user, timestamp, and before/after state. The activity log captures all user actions — giving you documentation for compliance reviews and inspections.
- 04 / 04
Encryption in transit & at rest
All data is encrypted in transit using TLS 1.2+ and encrypted at rest using AES-256. API endpoints are rate-limited. Permissions are enforced server-side.
Built for the people actually running the lab.
Lab directors
Set up roles once. Control who can approve reports, manage clients, or export data without managing individual permissions.
Compliance officers
Full audit trail of all access changes supports 21 CFR Part 11 and ISO 17025 requirements.
IT / security
Encryption at rest and in transit, account lockout policies, and rate limiting reduce your attack surface.