In this Amberlo update, we introduce the possibility to set advanced policies for accessing modules and data records for each user.
Setting user permissions to Amberlo modules
You will be able to set access permission to each module for every user. To do this you will need to open user settings and switch on/off access to modules in the “Module Access” section.
Example: After switching off access to invoices and contracts, the user will not be able to see invoices and contracts in the system. The following images show Amberlo menu bars with all modules switched on and with invoices and contracts switched off.
All modules On:
Invoices and contracts Off:
Setting access to data records
You will be able to set which data records users can see, modify, and delete. In the following picture, you can see settings for accessing time-sheets.
These settings enable implementing the following scenarios:
Junior lawyer – creates timesheets, sees and edits only own time-sheets, is not allowed to delete any time-sheets:
Lawyer – creates, sees, edits, and can delete own timesheets; sees, edits, and can delete team time-sheets:
Partner – can perform all actions with any time-sheets:
Bookkeeper (issues invoices): can see all timesheets. Can not create, modify, or delete any time-sheets:
Assigning users to a client or matter team member list
If the user has restricted access only to his and his team’s data records, in order to access team records, he needs to be assigned as a team member for a particular client or matter. To do this you need to open the client’s card, go to settings, and add a user to the “Teams and Roles” list.
How do data access restrictions work with real data?
Let’s have a look at the sample legal company:
- Partner Kevin must access all company information including issued invoices, received and delayed payments, and see his team load.
- Bookkeeper Ann is issuing invoices, therefore she must see client information, all time-sheets, and invoices, but she does not work with tasks, planning, and documents so access to those modules is not needed.
- The company has two legal teams. Company policy is to restrict data access to paralegals so that they would be sharing case information and each would create time-sheets, but they must not see their colleagues’ time-sheets and company finances. At the same time, lawyers must see their team, their matters, and all related information, including the matter’s finances.
- Legal teams:
- Lawyer Peter’s team has two paralegals John and Antony. Peter’s team works with mergers & acquisitions.
- Lawyer Alfred’s team has also two paralegals Ingrid and Jason. Alfred’s team works with debts, bankruptcy matters, and company restructuring projects.
- Both teams work with the same company group “Investment fund”, therefore client information must be accessible by both teams and all team members. So all team members from both teams must be assigned to the clients “Investment fund” team.
- Peter’s team currently leads the case of the company “A” acquisition. They have created a new matter “Company A acquisition” and assigned access to this matter to Peter’s team. This way they can share information on the matter among team members and ensure that Alfred’s team will not have access to the matter information.
- Alfred’s team is currently working on a debt collection matter from company “B”. They have created a new matter “Debt collection from company B” and assigned access to this matter to Alfred’s team. This way they can share information on the matter among team members and ensure that Peter’s team will not have access to the matter information.
Amberlo enables the implementation of the aforementioned scenario with the following data access settings:
- Partner Kevin: allow access to all data.
- Bookkeeper Ann: allow view of all clients, all time-sheets, and all invoices; allow create invoices; deny access to matters. planning and documents.
- Lawyers Peter and Alfred: allow full access to clients; allow create matters; allow view and edit own and team matters; allow delete own matters; allow create time-sheets; allow view, edit and delete own and team time-sheets;
- Paralegals John, Antony, Ingrid, and Jason: allow view all clients; allow view own and team matters; allow create time-sheets; allow view, edit and delete own time-sheets; deny access to invoices;
Creation of data records and access to data will look as following :
- Lawyer Peter creates the matter “Company A acquisition”. He adds John and Antony as members of the matters team.
- Lawyer Alfred creates the matter “Debt collection from company B”. He adds Ingrid and Jason as members of the matters team.
- Lawyers and paralegals add time-sheets to the corresponding matter. Lawyers see their own time-sheets and time-sheets of their team members while paralegals only see their own time-sheets.
- Bookkeeper Ann sees the time-sheets of both teams and can issue invoices at the end of the month by including time-sheets and additional expenses registered at both matters.
- Each lawyer will see what was invoiced for their matter, while partner Kevin will see all invoices.
If you did not try Amberlo yet, you can do it here.
Your Amberlo team