URL: /partner/users/
Manage all staff accounts including clinicians, receptionists, and other practice users. User management is restricted to Registered Managers.
| Role |
Permissions |
| Registered Manager |
Full access — manage staff, configure practice, view all patient data, manage compliance and reports |
| Clinician |
View and update patient records, manage appointments, record clinical notes, issue prescriptions |
| Receptionist |
Manage appointments, register new patients, update demographics, view patient records (read-only for clinical data) |
- Navigate to Staff Management
- Click Add Staff Member
- Complete the required fields:
- First Name and Last Name
- Email Address (used as the login username)
- Role (select from the table above)
- Professional Registration Number (GMC/GDC for clinicians)
- Prescriber Type (for clinical staff — GP / Dentist / Nurse / Other)
- Click Save
- The system sends an invitation email with instructions to set their password and MFA
- Go to Staff Management and locate the user
- Click Edit next to their name
- Update the relevant fields
- Click Save
Role changes take effect immediately.
When a staff member leaves the practice:
- Locate the user in Staff Management
- Click Disable
- Confirm the action
Disabled users cannot log in. Their historical data (appointments, notes) is preserved for audit purposes.
When a clinician or staff member leaves:
- Disable their account immediately on their last working day
- The audit log preserves all their previous actions
- Their historical patient records remain accessible
- No data is lost — only login access is revoked
If a staff member forgets their password:
- Go to Staff Management and locate the user
- Click Reset Password
- The system sends a password reset email to their registered email address
Alternatively, users can click Forgot Password? on the login page.
For adding multiple staff members (e.g. during onboarding), contact VeriPath support to coordinate batch user creation.
- Review active staff accounts monthly
- Disable accounts immediately when staff leave
- Ensure every staff member has a unique email address — never share accounts
- Assign the minimum role permissions needed for each person's role
- Staff should never share passwords or MFA devices
- Keep professional registration numbers up to date for all clinicians