These roles each come with their own set of permissions. Depending on the role selected, you may or may not be able to customize their permissions. For example, someone set up as a Payroll admin will have the following permissions by default:
- View basic staff info
- View sensitive worker info (e.g., SSN, pay)
- Hire and terminate individuals and edit info
- Run payroll
So, anyone given the Payroll admin role will always be able to view sensitive information. This permission cannot be removed from an admin in this role.