Is the user getting denied access via the inherited rights from the "EVERYONE 6" group? Or maybe the user or the "EVERYONE 6" group is read-only?

I dont thinks so but I also dont see where you can deny access via the group. 

How would you set up deny in a group? 

and no, the everyone 6 group is not read only. 

and for more context, this is the user account for my HR manager. I set her up the exact same way and the effective rights are good. 

Is the user a member of the "EVERYONE 6" group? If so, then look at the actual access rights configured for "EVERYONE 6" on the RMCDocs\Users folder. Perhaps some access rights are being denied from there.

If that's not the issue, then confirm whether the user is read only or is a member of any other group that may be read only, since you've stated that "EVERYONE 6" is not read only.

the user is not a member or the Everyone 6 group but she is a member of a group that is linked as a domain trustee. 

I'm not sure why it was setup this way. It's confusing to have a group linked to another group so i'm not sure why it was setup this way. I have looked for read only groups and I did not find any. 

here is how the everyone 6 group is set on the user folder.

again I'm finding no Denys anywhere, plus its confusing that when I try to give her full access she does gain "see annotations" and "see through redactions"

I didn't see a response to this, but can you confirm that the user is not read only and is not a member of any group that is read only?

yes, I can confirm that the user is not read only and not apart of any read only group.