[10.0.2] DS Release 27 June 2023 - Site-specific Sensitive Persons selection
-
When: Tuesday 27 June 2023
- What: A clear way to define sensitive access to Sites for Sensitive Users
- Who gets the change: All clients
Site-specific Sensitive Persons selection for Sensitive Events
Existing functionality
Until recently, in Safety there were two options for a Sensitive User’s access to Sensitive Events:
-
“Global Sensitive Users” - when this option was switched on, any Sensitive User could be allocated to any Sensitive Event registered in Safety as the Event's Sensitive Person, even despite that fact that the Event may be related to a Site outside of the Sensitive User’s assigned Organisational Structure. As a result, a Sensitive User could be be allocated to Sensitive Events that were not appropriate for their access level.
-
When the “Global Sensitive Users” option was switched off, a Sensitive User could only be allocated to a Sensitive Event if the Sensitive User’s underlying Worker record was linked to the exact same Site as the Sensitive Event. This was very limiting, and therefore most Safety clients were using the “Global Sensitive Users” option.
Changes in this Release
Sensitive User configuration
We have changed a Sensitive User’s access to Sensitive Events to be explicitly based on the Sensitive User’s assigned Organisation Structure - all of it or only the selected Sites.
In Settings > Users > User Authorisation, for a user who is flagged as a Sensitive User, Safety now allows user administrators to select all or part of a Sensitive User’s assigned Organisational Structure as their “Sensitive Event Access Sites”.
Sensitive Person assignment in a Sensitive Event
When assigning Sensitive Person(s) to a Sensitive Event, the people available to be assigned are those who:
- Are configured as a Sensitive User for the event's Accountable Site as outlined above.
- Have Edit Event user permission for the event's Accountable Site.
"Global Sensitive User" setting
We have removed the “Global Sensitive User” setting. It was introduced to allow assigning a Sensitive User to a Sensitive Event that happened outside of that Sensitive User’s (or rather their underlying Worker’s) own site. Now that we have removed this very strict limitation, each Sensitive User will be able to oversee multiple sites from the Sensitive Event perspective, and this will be easy to set up via their User Authorisations.
For companies that have “Global Sensitive User” option switched on, we have updated all existing Sensitive Users' records so that they have Sensitive Access to all Sites in their Assigned Org Structure. This will ensure that for any new Sensitive Event, there will be a pool of Sensitive Users to choose from.
Impact on existing Sensitive Events
There is no impact on any existing Sensitive Events. Any existing assignment of Sensitive Users to Sensitive Events have remained unchanged.
Impact on non-Sensitive Users
There is no change for the users not flagged as Sensitive Users.