...
Overview
Managing sensitive data is a critical aspect of effectively is crucial for maintaining data security and privacy when using within Upvise. The approach recommended below reduces below information can help minimise the risk of unauthorized access to sensitive information.
1. Review Employee Contact Information
Employee personal contact information should can be captured in a form against the employee attached to their contact record in UpviseTypes of sensitive data can include . This may include, but is not limited to, the following types of data which may be considered sensitive to the employee:
Residential Address
Personal Mobile Number (if they have a business phone)
Personal non-work provided email address
Emergency contact information
Licences and certificates etc
...
.Personal Email Address
Emergency Contact Information
Licenses and Certificates
2. Examples of Employee-related Data
Employee contact data is not auto-created in Workbench from your financial systems, giving you control over the data input into Workbench, and then synced across to upvise. It is recommended that you consider the data you want to store in upvise and available to your different users. Some examples of data that you may consider reviewing are:
Emergency Contact Information
Onboarding Details
Training Records
Assigned Assets (e.g., boots, laptops)
3. Utilizing Forms and Roles in Upvise
Using the method of forms to capture this data, you have the ability to hide this from unauthorised employees. Standard & Manager type users are only able to access forms that are included in their role. Standard users can only see forms that they have submitted. are able to restrict visibility using a combination of roles and user types from other employees.
For example, where standard user types can only access forms they have submitted, other standard users will not be able to see the data. The owner of a form is inherited by the user submitting the form.
Read more on Roles & User Types herehere.
4. Checking Upvise System Options & User Configuration
Upvise provides a number of options (setting) and user based configurations you can apply to help restrict access to contacts.
Contacts > Options > User Rights |
|
Manage Users > Application Rights | Although “Data Shared by all users” will hide the contact module for standard users, you can in addition to this, remove the contact app from specified users. This may be used for Manager type users where the setting above does not apply. Other applications can be hidden in this menu
|
My Account> Roles |
|
| Expand | ||
|---|---|---|
| ||
Employee contact data is not auto- |
...
generated in |
...
Workbench from your financial systems, |
...
giving you |
...
the ability to control |
...
what data |
...
It’s recommended that before implementing Upvise, you remove any Sensitive data and migrate this to Upvise Contact forms.
See below an example of data to be reviewed:
...
is entered when you create each employee. If you have recorded information on the person in workbench, and you no longer want that in upvise you should follow the below steps.
The contact data you deleted will be removed from upvise on the contact. |
| Expand | ||
|---|---|---|
| ||
In Upvise, you can use a form template to capture employee-related information and you can use roles to restrict the visibility of this to specified users. Examples of Contact forms may include: a) Employee Emergency Contact Information b) Employee Onboarding Form c) Training Records d) Assigned assets (e.g. boots, laptops etc) Forms can be made easily accessible from the contact record by using Buttons. Form data related to that employee is available on the contact record, see the example:  To enable users to access the form, you should use roles. Read more about Users and Roles See the example role configuration:  Apply the role to the users who should have that particular level of access:  |