...
Overview
Managing sensitive data is a critical aspect of effectively is crucial for maintaining data security and privacy when using within Upvise. The approach recommended below reduces below information can help minimise the risk of unauthorized access to sensitive information.
Examples of Employee-related Data
Employee contact data is not auto-created in Workbench from your financial systems, giving you control over the data input into Workbench, and then synced across to upvise. It is recommended that you consider the data you want to store in upvise and make available to your different users. Some examples of data that you may consider reviewing are:
Emergency Contact Information
Onboarding Details
Training Records
Assigned Assets (e.g., boots, laptops)
Utilising User Types & Roles in Upvise
Using the method of forms to capture this data, you are able to restrict visibility using a combination of roles and user types from other employees.
For example, where standard user types can only access forms they have submitted, other standard users will not be able to see the data. The owner of a form is inherited by the user submitting the form.
Read more on Roles & User Types here.
Employee personal contact information should can be captured in a form against the employee attached to their contact record in UpviseTypes of sensitive data can include . This may include, but is not limited to, the following types of data which may be considered sensitive to the employee:
...
Residential Address
Personal Mobile Number (if they have a business phone)
Personal non-work provided email address
Emergency contact information
Licences and certificates etc
By using forms to capture this data, you have the ability to hide this from unauthorised employees.
Standard & Manager type users are only able to access forms that are included in their role. Standard users can only see forms that they have submitted.
Read more on Roles & User Types here
...
Email Address
Emergency Contact Information
Licenses and Certificates
Checking Upvise System Options & User Configuration
Upvise provides a number of options (setting) and user based configurations you can apply to help restrict access to contacts.
Contacts > Options > User Rights |
|
Manage Users > Application Rights | Although "Data Shared by All Users" limits data access for standard users if owners are assigned, standard user permissions will apply when this option is deselected. If you need contacts available in forms, the best approach is to hide the Contacts app for specific users through the users' application rights. This method is useful for Manager-type users where the above setting does not apply. You can also use forms to ringfence data to role based users. Other applications can also be hidden using this menu.
|
My Account> Roles |
|
| Expand | ||
|---|---|---|
| ||
Employee contact data is not auto- |
...
generated in |
...
Workbench from your financial systems, |
...
giving you |
...
the ability to control |
...
what data |
...
It’s recommended that before implementing Upvise, you remove any Sensitive data and migrate this to Upvise Contact forms.
See below an example of data to be reviewed:
...
is entered when you create each employee. If you have recorded information on the person in workbench, and you no longer want that in upvise you should follow the below steps.
The contact data you deleted will be removed from upvise on the contact. |
