A user can view records in a register which they have no assigned role for.

Check for any ‘inherited roles’ against the records that she can view.

Inherited roles are roles assigned to users within the incident workflow which are staff assigned fields and linked to a ‘standard’ role (and given permissions through here):

Example: You can see this field is setup and linked as a 'standard role' linked to a user role:

Setup within ‘Standard Roles’ these are configured against a workflow > Object and Staff field:

This gives these staff members access to the record based on this user role setup (which looks like it is a Read Only setup).