Anyone on your team that will be responsible for enforcing HIPAA compliance within your organization should have access. Generally these individuals include some or all of the following: HR Managers, HR Directors, IT Directors, Business Operations personnel, ect.