I’m building a caregiving coordination app and want the privacy to be highly customizable. Not sure if this is possible in Bubble, now that I’m digging in deeper. Would greatly appreciate some advice here from a seasoned privacy Bubbler.
I have Users who can be a member of one or more private CareHubs. Each CareHub contains CareAreas and CareAreaRoles, and each User has a usertype (admin/primary/secondary/supporter/paid caregiver). There are documents, journal entries, files, etc. that pertain to various CareAreas and may need to be accessible or not depending on usertype or depending on default settings set by the admin. Ideally, privacy (eg, whether someone has access to a patient’s health info or financial/legal info) would be customizable at various levels: User/CareArea/CareAreaRole/usertype so that my app can be responsive to the needs of my caregiving families and their teams. And obviously, people need to be able to only access any CareHub at all for which they have permission.
Originally, I set my database up with a table for CareTeamMembers to record data specific for a User’s relationship to that particular CareHub (such as their role in that hub, how they’re connected to the care recipient, etc), but now that I’m combing through to get the privacy right, I’m getting really stumped.
I’ve gone back through and added a HubAdmins, HubPrimary, etc field to the CareHubs so that I could do privacy based on hub role types, and I just went through and added in a hub_health_access and hub_financial_access list field into the User table so that their permissions for those arenas could be tracked at the user level but still accessible in the privacy settings. However, I’m running into a problem.
In my JournalEntries table, I want to set permission so that only those users who have health access can have access to the journal entries associated with the health care area, but there’s no way I can find to dig in that deep. I know I can do some of this on visibilities at the UI level, but some of this is incredibly sensitive information, and I need the privacy to be tight. I will have the same issue in several other tables that hold various types of data that is tagged by CareArea and CareAreaRole.
I’d gratefully welcome any help or advice. Or just tell me if I should stop banging my head against this particular wall and accept this as a limitation of the platform.
Thanks,
Rachel
www.CaregivingHQ.com