Shared logins are convenient and quietly risky. When everyone uses the same account, everyone can see every family’s most private details, and no record shows who did what. Role-based access fixes both problems: people get exactly the access their job needs, and the system knows who each person is. For a business holding this kind of information, that is not bureaucracy, it is basic respect for the families.
Why shared logins are a problem
- Everyone can open every family’s file, regardless of need.
- No record shows who viewed or changed a case.
- A departing employee’s access cannot be cleanly removed.
- Sensitive details are exposed more widely than necessary.
A sensible permission model
| Role | Typical access |
|---|---|
| Director / arranger | The cases they work, with documents and tasks |
| Admin | Case records and scheduling across the firm |
| Accounting | Invoices, payments, balances, and exports |
| Manager / owner | Full access plus reporting |
| Location staff | Limited to their own location’s cases |
What to ask software vendors
- Can I set permissions by role, not shared logins?
- Can I limit staff to their own location’s cases?
- How is access removed when someone leaves?
- Is access tied to the audit trail?
How FuneralHQ handles this
FuneralHQ uses role-based access so staff see what their role needs, with location-level permissions for multi-location firms and an audit trail that ties actions to people. Review the model on the security page, and see multi-location reporting for groups.
Related resources
Read funeral home audit trails and the data security checklist for owners.