Who is this article for?

Ideagen EHSQ Enterprise or Decani Admin or Module Developer

Defined responsibilities and elevated access required.

The platform architecture attains scalability through the sharing of resources governed by a stringent security policy. The essential aspect of resource sharing is to ensure the maintenance of subscriber data separation.

Reporting Authorities are organized hierarchies designed to structure data and assist in restricting access to designated user groups.

• Each data object or record is allocated to a single reporting authority.
• Roles are assigned within a reporting authority.
• This combination of information enables the platform to determine who is authorized to access specific data and the actions they are permitted to perform.

Reporting authorities are set up in a hierarchical structure to restrain user access to certain areas.

If a user has access to a parent reporting authority, they will also be able to access all records linked to the child level reporting authorities. On the other hand, if a user only has access to a child reporting authority, they won’t have access to records related to the parent reporting authority or any sibling reporting authorities.

For example, a company could have a reporting authority structure at a Global company level and also by department.

If Joe has a role in Department A and Sally has one in Department B, Joe will only be able to see records related to Department A, while Sally will only see those related to Department B. This data separation applies to all searches and reports.

If Joe has a "View-only" role at the company level and a "Participant" role at the Department A level, he can view records throughout the organization. However, records linked to the company and Department B are view-only for him, and he can only edit records connected to Department A.

Access can also be fine-tuned based on the record's reporting authority level as well.