As we look more and more at user access rights and cybersecurity, it would be great to have more flexibility on access rights for records.  We work in a team environment for advisors with more centralized ops teams.  However, there is some crossover of team membership for some clients and our client services team needs the ability to cover other teammates' work.

We assign all team members using Advisor 1, 2, CSR, etc. and Employee Positions.  If there were a dynamic way of only allowing access to records based on the users assigned to those roles (plus comprehensive access for designated ops/admins) that would really make it easy for us to manage security.

Add to that the ability to temporarily assign "coverage" or "manager" access to a user for oversight and out of office coverage of teammates and I think it would work even better for almost all situations without having to adjust rights on each specific record.