Documentation start

Compliance, client operations, credentialing, facility operations

Control compliance

Use this rollout when the first operational win is reducing compliance risk: wrong workers seeing wrong shifts, expired credentials, overtime violations, DNR locations, client-specific restrictions, or access that is broader than it should be.

Target outcome

Compliance teams can define rules once, make them visible in daily operations, block or flag risky actions, and keep an audit-friendly record of what happened and why.

Rollout model

Control compliance should launch as an operating workflow, not a list of settings.

Use the model as a readiness check. If one stage is vague, the rollout is not ready for operator training.

Definition of done

A real user can complete the workflow, hit an exception, and know what happens next.

01Scope

Choose the first operating problem, owner, and success condition.

02Data

Prepare the records and fields the workflow depends on.

03Access

Decide what admins, clients, facilities, and workers can see.

04Workspaces

Create the daily queues where operators review and act.

05Rules

Configure policy checks, automations, and exception paths.

06Test

Run normal, blocked, exception, and permission scenarios.

1

Map the compliance rules

Do not start with automation. Start by writing the actual rules the business uses today, including who owns them and what happens when the rule is violated.

  • List client-specific requirements, facility-specific restrictions, location rules, role rules, and credential rules.
  • Separate hard blocks from soft warnings.
  • Define who can override a rule and where that override should be recorded.
  • Identify whether a rule affects shift visibility, shift request approval, assignment, clock-in, payroll, or billing.
  • Document the source of truth for each rule.
2

Create structured fields

Compliance cannot rely on notes if Teambridge needs to evaluate it. Convert every important rule into fields, links, statuses, dates, or records.

  • Credentials: document type, expiration date, owner, status, reviewer, and renewal workflow.
  • DNR: multi-select Link to Object field from Users to Locations.
  • Overtime: worked hours, scheduled hours, threshold, location/client policy, and decision mode.
  • Role eligibility: worker roles, required shift role, credential requirement, and role-specific permissions.
  • Client restrictions: allowed locations, allowed departments, facility-specific policies, and sensitive fields.
3

Configure access groups

Compliance also depends on visibility. The right person should see enough to act, but not enough to create unnecessary risk.

  • Create role-based groups such as Owner, Manager, Scheduler, Payroll, Client, Facility Manager, and Worker.
  • Limit client and facility users to their own locations and workspaces.
  • Use collection permissions for view, create, edit, and delete access.
  • Use schema permissions to hide sensitive fields.
  • Test every access group with a real user and real records.
4

Add policies and workflows

Policies evaluate whether an action should be blocked, flagged, ranked, or allowed. Workflows handle follow-up after the decision.

  • Block shift requests when a credential is missing or expired.
  • Remove locations from a worker when a DNR field changes.
  • Flag overtime risk for admin review or reject it automatically where required.
  • Notify managers when a credential is nearing expiration.
  • Move repeated attendance issues into performance review or tier workflows.

Product example

What time review looks like when clock-ins and exceptions are part of the same record.

This supports time, attendance, payroll readiness, overtime, and exception sections because those workflows depend on trusted shift and timecard signals.

Open time tracking product page
Teambridge time tracking product visual showing a timecard workflow
5

Build exception dashboards

The compliance team needs a daily control surface. The goal is not only to enforce rules, but to make unresolved risk easy to find.

  • Expiring credentials this week.
  • Workers with missing required documents.
  • Shift requests rejected by policy.
  • Overtime risk requests needing admin review.
  • DNR updates and affected locations.
  • Client or facility access changes needing review.

Permissions model

  • Compliance can view credentials, restrictions, policies, and audit fields.
  • Schedulers see operational eligibility and warnings, but not necessarily private compliance details.
  • Clients and facilities see only their scoped records and approved fields.
  • Workers see only actions available to them and clear explanations when blocked.

Testing checklist

  • Test expired credential blocking.
  • Test DNR removal from mobile visibility.
  • Test overtime block and overtime flag modes.
  • Test client/facility access from a scoped account.
  • Export or review the audit path for a rejected or overridden action.

Common mistakes to avoid

  • Treating a compliance rule as a note instead of structured data.
  • Giving clients broad access because scoped access takes longer to configure.
  • Blocking too aggressively before testing edge cases.
  • Failing to explain to workers why an action was rejected.
  • Not creating a daily exception view for unresolved risk.

Related documentation

concepts/access-groupsworkflows/control-overtimevideosconcepts/workflows