Comprehensive Guide to Managing User Permissions in Healthcare Agent Services Using Microsoft Entra ID via Azure Portal After July 2025

Microsoft Entra ID, formerly called Azure Active Directory (Azure AD), is a cloud identity service that manages who can use apps and resources. It works for both cloud and on-premises systems. In healthcare, where keeping data safe and following rules like HIPAA is very important, controlling who can see sensitive information and AI tools matters a lot.

Starting July 1, 2025, Microsoft will require all new healthcare agent service setups, like those that handle patient calls, staff schedules, and front-office questions, to use Microsoft Entra ID for assigning and managing user permissions. This is done through the Azure Portal. Current healthcare agent services will also switch to this system and can start using it earlier if they want. This change makes user access management more secure and centralizes it on one cloud platform built for security and compliance.

Why Microsoft Entra ID?

Microsoft Entra ID keeps identities safe so that only allowed users can get into important healthcare systems and sensitive data. Healthcare data is very private, and providers often face cyberattacks, so strong security is needed.

Microsoft Entra ID offers these features:

  • Multi-Factor Authentication (MFA): This lowers the chance of stolen identities by over 99%. Users must confirm who they are in more ways than just a password.
  • Zero Trust Security Model: Every time someone tries to access the system, their identity and device are checked first.
  • Risk-Based Conditional Access: Access rules change automatically based on user behavior, location, and device status. Suspicious actions are blocked.
  • Privileged Identity Management (PIM): Users get only the permissions they need for a short time when needed.
  • 24/7 Service Reliability: Microsoft promises the system will work 99.99% of the time, which is important for healthcare tools that must be always available.

Over 720,000 organizations, including many in healthcare, use Microsoft Entra ID to keep identity management safe and effective.

New User Roles and Access Levels for Healthcare Agent Services

When managing user permissions in healthcare agent services like Simbo AI, Microsoft Entra ID has three main roles:

1. Healthcare Agent Admin

This is the highest access level. Users in this role can:

  • Sign in to Azure Portal and handle all bot resources.
  • See and change configuration settings.
  • Access and manage bot keys and secrets, which keep the bot secure.
  • Manage user access by assigning roles using Azure’s IAM panel.

This role controls the security and compliance of the healthcare AI agent service.

2. Healthcare Agent Editor

This role is for users who need to work with the bot and its settings but should not see sensitive data like keys or user conversations. Editors can:

  • Sign in and change bot resources and scenarios.
  • See configuration settings.
  • Manage skills and channel setups but only with read-only access to user management.

This role fits IT staff who handle bot functions but not security details.

3. Healthcare Agent Reader

This role is only for viewing. Readers can check bot resources and settings but cannot see secrets or user conversations. They can:

  • Sign in and view bot resources to monitor settings.

This role makes sense for auditors or compliance officers who watch over the system without making changes.

Assigning User Roles Using Azure Portal

From July 1, 2025, all new healthcare agent services must assign users and roles only through Microsoft Entra ID with the Azure Portal. The old system inside Healthcare Agent Service Management will stop working for user management.

Here is how to assign roles step-by-step:

  1. Log in to Azure Portal with a Healthcare Agent Admin account.
  2. Go to the Healthcare Agent Service instance.
  3. Click “Access Control (IAM)”.
  4. Select “Add Role Assignment.”
  5. Pick the correct Healthcare Agent role (Admin, Editor, Reader).
  6. Add users by typing their email or picking groups from Entra ID.
  7. Click “Review + Assign” to save the changes.

Microsoft Entra ID lets you group users for easy management. Groups help assign roles to many staff members at once, which is useful for big clinics or hospitals with multiple locations.

Transition Plan for Existing Healthcare Agent Services

Healthcare providers who use healthcare agent services now can switch early to Microsoft Entra Access Management using the User Management page if they have the Healthcare Agent Admin role. After enabling this:

  • Old user assignments in the previous system will stop working but can still be seen for reference.
  • All roles and permissions need to be set again through Azure IAM.
  • Microsoft will fully migrate existing services soon, making Microsoft Entra ID the only way to manage access.

This change means healthcare IT teams must prepare and train to work with the new centralized user system.

AI and Workflow Integration in Healthcare Front-Office Services

Keeping user access safe is very important. AI tools like Simbo AI use artificial intelligence to improve front-office tasks beyond just answering phones. AI helps staff focus more on patient care.

AI’s Role in Healthcare Agent Services:

  • Automated Call Handling: AI answers patient calls, schedules visits, gives office hours, and sends urgent calls to the right person.
  • Natural Language Processing (NLP): AI understands patient questions, works with many languages, and makes communication clearer.
  • Task Automation: AI sends reminders, confirms appointments, and checks in patients automatically, which lowers mistakes and helps keep patients informed.

Security and Compliance Through Microsoft Entra ID:

The AI tools work with private patient data, so user access must be carefully controlled. Microsoft Entra ID’s zero trust security and multi-factor authentication make sure only authorized staff use the AI tools and data. This helps follow HIPAA and other laws.

Workflow Automation with Role-Based Access:

Microsoft Entra ID supports automated processes that happen based on user roles. For example:

  • Editors can update bot configurations.
  • Admins can create audit reports or change user permissions.
  • Readers can schedule reviews to check compliance.

These tools help make sure tasks are done or checked by the right people, reducing risks.

Importance of Auditing and Compliance

Healthcare groups must protect patient privacy. Microsoft Entra ID keeps logs that show who changes roles, who accesses what, and when. These logs are important for:

  • Compliance Audits: Showing proof of who can use the systems and when.
  • Security Checks: Finding unauthorized access or strange activities quickly.
  • Rule Enforcement: Making sure healthcare processes follow company and federal rules.

Microsoft Entra ID works with Microsoft Security Copilot, an AI tool that helps IT staff watch for risks by spotting unsafe user behavior and configuration problems early.
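
The role assignments made in the Azure Portal and the audit points above can be reviewed offline from an export of the instance's role assignments. This added example (not code from Microsoft or from this guide) flags the three Healthcare Agent roles when they are granted directly to a user instead of an Entra ID group, or inherited from a scope broader than the service instance. The field names follow `az role assignment list --all -o json`; the scope, the principals and the two rules are constructed assumptions.

```python
import json

# Role names as listed on this page.
AGENT_ROLES = {"Healthcare Agent Admin", "Healthcare Agent Editor", "Healthcare Agent Reader"}

# Constructed instance scope (placeholder subscription, resource group and bot name).
INSTANCE = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-clinic"
            "/providers/Microsoft.HealthBot/healthBots/frontdesk-bot")
RG = INSTANCE.split("/providers/")[0]

def row(name, ptype, role, scope):
    return {"principalName": name, "principalType": ptype,
            "roleDefinitionName": role, "scope": scope}

# Constructed sample using the field names of `az role assignment list --all -o json`.
SAMPLE = json.dumps([
    row("sg-agent-admins", "Group", "Healthcare Agent Admin", INSTANCE),
    row("alice@example.org", "User", "Healthcare Agent Admin", INSTANCE),
    row("sg-agent-editors", "Group", "Healthcare Agent Editor", RG),
    row("bob@example.org", "User", "Healthcare Agent Reader", INSTANCE.upper()),
    row("carol@example.org", "User", "Contributor", INSTANCE),
    row("sg-other-admins", "Group", "Healthcare Agent Admin", INSTANCE + "-test"),
])

def audit(assignments_json, instance_scope):
    """Return sorted (rule, principal, role) findings for one service instance."""
    target = instance_scope.lower().rstrip("/")  # Azure resource IDs are case-insensitive
    findings = []
    for a in json.loads(assignments_json):
        role, scope = a["roleDefinitionName"], a["scope"].lower().rstrip("/")
        if role not in AGENT_ROLES:
            continue  # only the three roles this page describes
        inherited = target.startswith(scope + "/")  # parent scope: RG, subscription or root
        if scope != target and not inherited:
            continue  # assignment belongs to some other resource
        if inherited:
            findings.append(("inherited-scope", a["principalName"], role))
        if a["principalType"] == "User":
            findings.append(("direct-user", a["principalName"], role))
    return sorted(findings)

if __name__ == "__main__":
    for rule, principal, role in audit(SAMPLE, INSTANCE):
        print(f"{rule:16} {principal:22} {role}")
```

Assignments for other roles and for other resources are skipped, so the output lists only what affects this one instance.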

Cost and Licensing Considerations for U.S. Healthcare Providers

Microsoft offers different license plans for Entra ID depending on healthcare providers’ needs:

  • Free Tier: Basic features, good for small offices with simple needs.
  • Entra ID P1: Costs $6 per user each month. Includes key identity features like conditional access and MFA.
  • Entra ID P2: Costs $9 per user each month. Adds advanced risk detection and identity management.
  • Microsoft 365 Business Premium: $18.79 per user monthly, includes Entra ID P1, ideal for offices with up to 300 users.
  • Microsoft 365 E3 and E5 Plans: For large healthcare systems, cost $27.45 and $48.45 per user per month, and include the highest security functions.

Choosing a plan depends on the size of the organization, legal rules it follows, and security needs.

Impact on U.S. Healthcare Practices

In the U.S., healthcare settings vary from single doctors to big hospital groups. Using Microsoft Entra ID makes managing user permissions simpler and safer. It helps reduce data breaches and supports flexible, secure remote work, which is important as telemedicine and remote patient monitoring grow.

Stories from other organizations show positive results:

  • Israel Villar Boillos from ULPGC says managing many identities across apps improves cybersecurity.
  • Matthias Hansen of Domino’s Pizza Enterprises notes the strong capabilities of Entra ID’s identity management.
  • Saioa Mielgo from Bridgestone EMEA shares that frontline workers get secure and smooth cloud access through Microsoft Entra ID.

Though these examples are not from healthcare, they show how reliable the platform is for managing AI services.

A Few Final Thoughts

Moving user access for AI healthcare agent services to Microsoft Entra ID and the Azure Portal gives U.S. healthcare providers a single secure place to control important AI tools. This change will bring stronger security, clearer user roles, and easier compliance with rules. It helps healthcare offices keep up with new technology in the front office.

Frequently Asked Questions

What is the new system for managing user permissions in Healthcare agent services after July 1st, 2025?

User permissions for Healthcare agent services will be managed using Microsoft Entra ID via the Azure Portal to streamline and secure access control.

Who can enable the Microsoft Entra Access Management feature in Healthcare agent services?

Only users with the Healthcare Agent Admin role within the Azure Access Control (IAM) pane can enable or disable the Microsoft Entra Access Management toggle.

What are the main permission levels available for Healthcare agent service users?

There are three main roles: Healthcare Agent Admin (full access including user management and bot keys), Healthcare Agent Editor (can edit bot resources excluding keys and user inputs), and Healthcare Agent Reader (read-only access excluding keys and sensitive inputs).

How does the Healthcare Agent Admin role differ from other roles?

Healthcare Agent Admins can fully manage bot resources, configuration settings, instance keys, and user access, including assigning roles through the Azure Portal, making them the primary authority for access control.

What happens to previously assigned users when Microsoft Entra Access Management is enabled?

All previously assigned users in the Healthcare Agent Service Management page will no longer control access; they remain visible for reference only. Users must be reassigned via the Azure IAM pane.

How are users assigned roles in the Azure Portal for Healthcare agent services?

Admins sign in to the Azure Portal, navigate to the Healthcare Agent Service, go to the Access control (IAM) pane, add a role assignment, select the Healthcare Agent role, add members, and confirm with Review + assign.

What limitations do Healthcare Agent Editors have compared to Admins?

Editors cannot access bot instance keys, end-user inputs like feedback or conversation logs, and have only read-only access to skills, channels, and user management, restricting critical configuration and sensitive data access.

What is the significance of Microsoft Entra ID assigned groups in user management?

Microsoft Entra ID assigned groups help organize and manage collections of users efficiently in the Azure Portal, supporting scalable and secure role assignments for Healthcare AI Agents.

Is the Microsoft Entra Access Management feature mandatory for new instances?

Yes, starting July 1st, 2025, all new Healthcare agent service instances will automatically use Microsoft Entra Access Management for user permissions.

Can users without the Healthcare Agent Admin role enable the Microsoft Entra Access Management toggle?

No, users without the Healthcare Agent Admin role will see the toggle greyed out and cannot enable or disable the Microsoft Entra Access Management feature.