Roles & Rights
Every feature. Every attribute. Every combination. The Datico® LIFE HUB unifies function-based and attribute-based permission management – for precise data access control in any organisational structure, no matter how complex.
Data in Consistency
Two permission layers. One platform.
Most systems offer either roles or attributes – the Datico® LIFE HUB combines both concepts in a consistent permission framework. The result: organisational and data-protection requirements of any complexity can be mapped precisely and with minimal maintenance – from a sports federation with three coaches to a clinic with a hundred users in highly varied roles.
Function-based permissions
Every individual feature in the LIFE HUB can be enabled or disabled per role. Who may do what – not as a blanket rule, but at the feature level.
combined into
individual permission
Attribute-based permissions
Entities (persons, documents, data) are assigned attributes. Users only see records whose attributes match their own access attributes.
Layer 1
Function-based permissions – who may do what.
In the Datico® LIFE HUB, every individual feature can be enabled or disabled independently for each role. This means: Device Connector, Smart Forms, KIS Connector, Reports, Excel Export, User Management – every menu item, every action, every output function can be controlled separately per role.
Roles are configured once in the LIFE HUB and then assigned to users. A user may hold multiple roles simultaneously – the resulting permissions are additive. This allows a therapist to carry both the "Therapy Documentation" and "Team Overview" roles simultaneously, without receiving administrative rights.
Layer 2
Attribute-based permissions – who may see which data.
The attribute-based permission concept allows records to be tagged with freely definable attributes – and data access is then controlled by matching user attributes against entity attributes.
A coach sees only the athletes in their squad. A physician sees only the records of patients in their department. A researcher sees only the subjects in their study. Documents tagged "highly confidential" are visible exclusively to users with the corresponding access attribute.
The attributes are fully configurable – whether squad, federation, department, project group, confidentiality level, or any custom categories. Any organisational structure can be mapped precisely.
What sets it apart
Any permission. Arbitrarily complex. Maintainable.
The strength of the Datico® permission concept lies in the combination of both layers: A role controls what a user may do. Attributes control which data they see while doing it. No additional setup is required – no special solutions, no hard-coded exceptions, no manual filter rules.
The national head coach sees all athletes across all squads, but cannot access medical data. The squad therapist sees athletes in their own squad and can write therapy documentation. The federation sports physician sees all squads and can mark medical reports as highly confidential. Two roles × three squad assignments = nine different views – mapped with just two configuration steps each.
The ward physician sees patients in their ward and may send KIS findings. The physiotherapist sees patients in their therapy group and may document therapy goals. The quality manager sees aggregated data from all wards, but no individual patient data. Three roles × ward attributes = complete data separation without system complexity.
Feature scope
What Roles & Rights offer in the LIFE HUB
EVERY FEATURE INDIVIDUALLY
Every feature in the LIFE HUB can be enabled or disabled per role – no blanket unlocking, no compromise between security and usability.
FREELY DEFINABLE ATTRIBUTES
Squad, department, federation, classification level – the attributes are fully configurable and adaptable to any organisational structure.
MULTIPLE ROLES PER USER
Users can hold multiple roles simultaneously. Permissions are additive – flexible, conflict-free, and centrally manageable.
GDPR-COMPLIANT DATA SEPARATION
The attribute-based concept ensures that users can structurally only access data they are authorised for – not through filters, but through system architecture.
Concepts & Applications
Let's talk.
Success is built through collaboration.
Personal Consultation
Discuss your specific use case directly with one of our experts — individual, structured, and solution-focused.
Book appointmentBook a Live Demo
Experience the Datico® LIFE HUB and its key features live — tailored to your requirements.
Request demo30-Day Free Trial
Start your 30-day free trial — full feature set, personal onboarding, no contract required.
Request trial accessJoin a Live Webinar
Compact insights into features, use cases and best practices — live and interactive with our experts.
View webinars