Role-Based Access Control (RBAC)
A security model restricting system access based on the user's organisational role.
Role-Based Access Control assigns permissions to roles rather than individual users. When a user is assigned a role, they inherit all permissions of that role. MOVO-X implements a 4-tier RBAC hierarchy: SUPER_ADMIN (full platform access), GROUP_ADMIN (all hospitals in a healthcare group), HOSPITAL_ADMIN (single hospital), DEPARTMENT_HEAD/DOCTOR/NURSE/RECEPTIONIST (scoped to department or function). JWT tokens carry role claims verified on every API request.
Related Terms
JWT Authentication
JSON Web Token-based stateless authentication, encoding user identity and role in a signed token.
Audit Log
An immutable chronological record of all user actions and system events for compliance tracing.
PDPA 2010
Personal Data Protection Act 2010 — Malaysia's primary data privacy law governing all healthcare data.
Use MOVO-X for Role-Based Access Control (RBAC)
MOVO-X is Malaysia's leading platform for role-based access control (rbac) in hospitals and clinics. PDPA 2010 compliant, PHFSA 1998 compliant, MyKad NFC ready.