User Roles
| Role | Access Level | Can Manage Users | Can Change Policies |
|---|---|---|---|
| End User | Own files + assigned Team Shares | No | No |
| Sub-Administrator | All user files + admin panel (limited) | Yes (limited) | No |
| Administrator | Full access to all files and admin panel | Yes | Yes |
Note
Assign the Administrator role only to trusted IT staff. Sub-Administrators can manage users and Team Shares but cannot change organization-wide security policies.
Adding a New User
- 1Log in to the web portal and click the Admin tab.
- 2In the left sidebar, click Users.
- 3Click the Add User button.
- 4Enter the user's first name, last name, and email address.
- 5Assign a role: End User, Sub-Administrator, or Administrator.
- 6Optionally set a storage quota for this user.
- 7Click Create User.
- 8The user will receive a Welcome email with instructions to set their password and configure their account.
Tip
If you need to add many users at once, use the Bulk Import feature. Click Add User → Import from CSV and upload a CSV file with columns: first_name, last_name, email, role.
Editing User Details
- 1In the Admin panel, click Users.
- 2Click the user's name to open their profile.
- 3Click Edit to modify their name, email, role, or storage quota.
- 4Click Save when done.
You can also manage a user's Team Share memberships from their profile page — add them to new Team Shares or remove them from existing ones.
Resetting Passwords
If a user is locked out or has forgotten their password, administrators can trigger a password reset email.
- 1In the Admin panel, click Users and find the user.
- 2Click the user's name to open their profile.
- 3Click Reset Password.
- 4The user will receive an email with a link to set a new password. The link expires in 24 hours.
Important
Administrators cannot view or set a user's password directly — only the user can set their own password via the reset link. This is a security feature that protects user privacy.
Suspending a User
Suspending a user immediately prevents them from logging in and accessing any files. Their files and data are preserved — suspension is reversible.
- 1In the Admin panel, click Users and find the user.
- 2Click the user's name to open their profile.
- 3Click Suspend Account.
- 4Confirm the action. The user will immediately lose access.
- 5To reinstate the user, return to their profile and click Reactivate Account.
Tip
Suspend accounts immediately when an employee is placed on leave or when suspicious activity is detected. You can investigate and reactivate later without losing any data.
Deleting a User
Deleting a user permanently removes their account. Before deleting, decide what to do with their files.
- 1In the Admin panel, click Users and find the user.
- 2Click the user's name to open their profile.
- 3Click Delete User.
- 4You will be prompted to choose what happens to the user's files: Transfer to another user, Keep in a shared archive folder, or Delete permanently.
- 5Make your selection and confirm the deletion.
Important
Deleting a user is irreversible. If you choose to delete their files, they cannot be recovered. Always transfer or archive files before deleting a user account.
Employee Offboarding Checklist
When an employee leaves your organization, follow this checklist to ensure HIPAA-compliant offboarding:
- Immediately suspend the user's account on their last day (or when notified of departure).
- Revoke all active shares created by the user — check Shares → Shared by Me in their profile.
- Transfer ownership of their files and Team Share memberships to their manager or successor.
- Remove them from all Team Shares to prevent any residual access.
- Document the offboarding in your HIPAA compliance records, including the date and actions taken.
- Delete the account after confirming all files have been transferred and access has been revoked.