Is there security available to limit staff access to a specific client, other than through user groups?
You can use the Client - Security to limit complete access to a specific client. Refer to Client Security.
When Client Security is enabled for a client:
Only FYI Admins and the users who have been given access to the client will see any information about the client.
Any other users will not see the client in the Clients List or in any other lists, and it will not show in any searches.
All information is hidden from all users except those who have been given specific access.
Only an FYI Admin can make changes to the security access to a client or disable security.
If a user who is not an FYI Admin has been given Security access to client, they can access the Client - Security tab and see all the users who have been given access to that client. But only an FYI Admin can make any changes.
You could also set up a specific Cabinet for just this client, and only allow access to that Cabinet for specific users in the practice. You then set this Cabinet in the filing defaults for the client. This limits the documents to specific user, but the client will still display in the Clients List