Bert Fava profile image UX designer
bert fava profile image

Bert Fava

Product Researcher & UX Designer
8+ years improving SaaS and Public service experiences through human-centred design

Download CV

Case Study

Introducing Permission Roles for VCAT Business Portals

5min read



Objective

Enable real estate businesses using the new VCAT business portal to operate under a single organization account with defined permission roles, restoring company-level collaboration that existed in the legacy portal while complying with stricter security requirements.

  • Replace legacy shared credentials with a secure, role-based hierarchy.
  • Fold individual user accounts into organization-based accounts.
  • Introduce three permission roles: Org Admin, Branch Admin, Regular User.
  • Achieve this via a one-off migration, not a full product re-architecture.



Impact

I identified critical gaps in the initial permission model and reshaped the solution to better reflect real-world workflows.

  • Facilitated design walkthroughs and focus groups with external stakeholders.
  • Discovered the need for three tiers instead of two and introduced branches in the database and UI.
  • Designed and prototyped a three-tier model with branch-level filtering.
  • Collaborated with architects and developers to align the solution with technical feasibility.



Problem

The initial design featured a two-tier permission system (Admin / Regular User), which did not support real estate business workflows.

Key issues:

  • Large or franchise companies would see all cases across all branches, creating noise and operational inefficiency.
  • Small agencies were less impacted, but high-volume users could not work effectively.
  • Stakeholders perceived the new portal as less functional than the legacy system, risking trust and adoption.
  • The challenge was to realign an already-decided solution without major rework.



Hypotheses

  • A three-tier hierarchy (Org Admin, Branch Admin, Regular User) better reflects company structures.
  • Branch-level segmentation with filters would prevent information overload for large organizations.
  • Borrowing SaaS permission patterns (e.g., Miro) would reduce confusion and adoption risk.
  • Edge cases, like removing a user, could be handled via reassignment flows to avoid orphaned cases.



Opportunities

  • Filters and tables: Low-technical-effort change delivering high user impact.
  • Right-time permission expansion: Adding a third tier while designing the system minimized future rework.
  • Leverage familiar SaaS patterns: Reduced risk and provided a clear reference model.
  • Feature matrix for alignment: Helped architects, developers, and stakeholders understand and compare role responsibilities.
  • Single source of truth: The matrix was reused internally and externally for consistent communication.



Key Insights

  • Structural, not visual problem: Permissions and branch-level data needed to exist in the backend first.
  • Real-world hierarchies vary by company size: Three tiers were essential for large franchises.
  • Feature matrices clarify complexity: Helped technical teams understand roles, reducing miscommunication.
  • Established patterns reduce risk: Borrowing familiar SaaS workflows increased stakeholder and user confidence.



Design Explorations / Deviations

  • Filter vs search: Filters were retained to support branch segmentation.
  • Branch display: Single table with filters chosen over separate tables for clarity.
  • Microcopy & flow tweaks: Deferred some minor “delight” elements to reduce scope.
  • Scope trimming: Adjustments for implementation sizing were considered, but the core three-tier and branch model remained intact.



Solution

  • Three-tier permission model: Org Admin / Branch Admin / Regular User.
  • Branch concept: Users can view cases per branch.
  • Filtering options: Filter out closed cases or view only relevant subsets.
  • SaaS-aligned workflows: Familiar patterns reduce learning curve.
  • Validated with stakeholders and reconciled technical, operational, and user needs.



Outcome

  • Prototype feedback: Highly positive from external stakeholders.
  • Pre-launch expectations: Build closely mirrors prototype; minimal usability backlash anticipated.
  • User benefits: Branch-based visibility, role-based permissions, and filtering improve efficiency over legacy portal.
  • Operational benefits: Reduced support inquiries, more efficient workflows.
  • Trade-offs: Reporting dashboard deprioritized in favor of table exports or Power BI integration.
  • Strategic impact: Demonstrates listening to users and improving trust in the portal.



What I Learned

  • User validation is paramount: Assumptions from peers or business stakeholders are insufficient.
  • Communicate abstract ideas effectively: Prototypes, slides, and structured artifacts help users visualize experiences.
  • Leverage internal support: Comms/project teams allow designers to focus on design while managing scheduling and expectations.
  • Tailor communication to your audience: Developers and architects prefer logical matrices for complex permissions.
  • Balance influence and collaboration: Guide solutions while incorporating stakeholder input.
  • Patience and persistence: Multiple sessions and iterative discussions are necessary for alignment and buy-in.