Settings

Console configuration

Admin settings

Roles, team, connected systems, and security posture for the Mance operations console. Admin access is provisioned by Super Admins only — never self-serve — and MFA is required on every account.

Roles & access6

What each admin role can do. Admins assign, escalate, and unblock — they never perform clinical approval.

  • Super Admin

    Provisions admin seats, sets roles, and configures every system. Tightly held.

    Full access
  • Care Coordinator

    Triages the cross-portal queue — assigns intakes, escalates blockers, nudges patients.

    Operations
  • Clinical Admin

    Routes the clinician queue and rebalances load. Cannot approve or alter clinical decisions.

    Consults
  • Pharmacy Ops Admin

    Unblocks fulfillment, watches supply and capacity, and chases courier exceptions.

    ManceRx
  • Billing Admin

    Works failed charges and refunds, and resolves billing holds that stall dispatch.

    Payments
  • Compliance / Admin Auditor

    Reviews access, consent, and AI-action logs. Read-only across the console — no edits.

    Read-only

Admin accounts are never self-serve. New seats are created by a Super Admin and require MFA enrolment before first sign-in. Every role change is written to the audit log.

Team5

Admins with console access and when they were last active.

  • Mira Khan

    mira.khan@mancehealth.ca

    Care Coordinator
  • Devon Reyes

    devon.reyes@mancehealth.ca

    Super Admin
  • Aisha Bello

    aisha.bello@mancehealth.ca

    Pharmacy Ops Admin
  • Theo Lindqvist

    theo.lindqvist@mancehealth.ca

    Billing Admin
  • Sara Okafor

    sara.okafor@mancehealth.ca

    Compliance / Auditor

Connected systems5

Portals and services this console reads from. Status is read-only here.

  • Shared API + Auth

    Core data plane with row-level security (RLS) enforced.

    Connected
  • Stripe

    Payments, charges, and refunds for patient orders.

    Connected
  • ManceRx pharmacy portal

    Fulfillment, compounding, and courier dispatch.

    Connected
  • Clinician portal

    Consult queue, reviews, and clarifications.

    Connected
  • Patient portal

    Intake, consent, and order tracking.

    Connected

Security

Account and session policy enforced across every admin seat.

Multi-factor authentication

Required on every admin account. Enforced at enrolment — no exceptions.

Required

Session policy

Idle sessions expire after 30 minutes; absolute timeout at 12 hours. Re-auth on sensitive actions.

30 min idle

Audit logging

Every access, role change, and AI action is written to an append-only log retained for 7 years.

On

Access model

Least-privilege role-based access with row-level security (RLS) on the shared data plane.

RLS enforced