Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Current »

Overview

Managing sensitive data effectively is crucial for maintaining data security and privacy within Upvise. The below information can help minimise the risk of unauthorized access to sensitive information.

Examples of Employee-related Data

Employee contact data is not auto-created in Workbench from your financial systems, giving you control over the data input into Workbench, and then synced across to upvise. It is recommended that you consider the data you want to store in upvise and make available to your different users. Some examples of data that you may consider reviewing are:

  1. Emergency Contact Information

  2. Onboarding Details

  3. Training Records

  4. Assigned Assets (e.g., boots, laptops)

Utilising User Types & Roles in Upvise

Using the method of forms to capture this data, you are able to restrict visibility using a combination of roles and user types from other employees.

For example, where standard user types can only access forms they have submitted, other standard users will not be able to see the data. The owner of a form is inherited by the user submitting the form.
Read more on Roles & User Types here.

Employee personal contact information can be captured in a form attached to their contact record in Upvise. This may include, but is not limited to, the following types of data which may be considered sensitive to the employee:

  • Residential Address

  • Personal Mobile Number (if they have a business phone)

  • Personal Email Address

  • Emergency Contact Information

  • Licenses and Certificates

Checking Upvise System Options & User Configuration

Upvise provides a number of options (setting) and user based configurations you can apply to help restrict access to contacts.

Contacts > Options > User Rights

  1. Data Shared by All Users

    1. When Data Shared by All Users is checked, all Contacts and Companies are accessible by all users, even Standard Users, who can otherwise only access the data they own.

    2. Disable this to prevent “Standard Users” from accessing contact & company data

  2. Standard Users can see other user's location

    1. Disable this to prevent Standard users from seeing other users location

Manage Users > Application Rights

Although “Data Shared by all users” will limit the data a standard users can access if owners are assigned, standard user permissions do apply where this is deselected.

If you need contacts to be available in forms etc, the best option is to hide the contact app from specified users. This is done on users application rights. This may be used for Manager type users where the setting above does not apply.

Other applications can be hidden in this menu

image-20240621-055510.png

My Account> Roles

  1. Review each role in your database to ensure that the role includes only the form people should have access to

    1. Apply the role to individual users as required

 What if I have sensitive data stored already in the workbench People record?

Employee contact data is not auto-generated in Workbench from your financial systems, giving you the ability to control what data is entered when you create each employee.

If you have recorded information on the person in workbench, and you no longer want that in upvise you should follow the below steps.

  1. edit the user in workbench

  2. Review data & remove contact data

image-20240621-060209.png

  1. Save user

  2. Navigate to Upvise integration and click “Export/Import” to trigger a sync.

The contact data you deleted will be removed from upvise on the contact.

  • No labels