Damstra Safety has a Sensitive Events feature within the Events module. The Sensitive Events feature is designed to override User Access and only present Events to selected individual(s) due to it containing confidential or Sensitive information that should not be seen by other Users.
How does the Sensitive Events feature work?
- Users can mark an Event as 'sensitive' when adding an Event via Damstra Safety directly
Users can mark an Event as 'sensitive' via a Web Portal form or via the Notify app if this is enabled via VForms Portal settings
Administrators can optionally define a minimum number of sensitive users that must be given visibility of a sensitive event whenever a new Sensitive Event is submitted.
- Administrators can optionally apply site filtering to restrict the assignment of sensitive users to only those from the site where the event occurred
Only users marked as ‘Sensitive Users’ via User Authorisation may be given visibility of a sensitive event.
Only those Sensitive Users explicitly selected to be given visibility of a particular sensitive event can view / edit the details of the event. The Event will be hidden from all other Users.
Sensitive Users may be assigned as a Standard Investigator to a sensitive event even if they are not designated as an 'Investigator' in their Worker record.
Any person can be assigned to Corrective Actions associated with a Sensitive Event, but only Sensitive Users with visibility of the underlying Sensitive Event will be given the underlying Event details in the notification email.
How do I mark a User as a 'Sensitive User'?
In User Authorisation from within the Settings menu, there is a tick box option for a 'Sensitive User'.
By ticking this box the person attached to the login is assigned to a register of users that can be allocated to a Sensitive Event.
How do I flag an existing Event as a 'Sensitive Event'?
In the Event form, there is a tick box to mark whether an event is Sensitive or not. After ticking this box, a new search field will appear.
You will need to search for and select the Sensitive User(s) who should be given visibility of the Event. If a minimum number of Sensitive Users has been set by your Organisation, you will need to select at least that number of Sensitive Users, though you may optionally select more.
How will Sensitive Users know that there is a new Sensitive Event for them to review?
The selected Sensitive User(s) will receive an email notification advising that they have been assigned as a Sensitive User to a Sensitive Event.
They can now view the event from their register as they would any other event.
This will not show for any user other than the individual who it has been assigned to.
How do I set up Sensitive Event Site filtering?
The Sensitive Event feature can be configured to have site filtering applied when assigning the people who can access a Sensitive Event.
- The configuration is done via the Global Sensitive Users checkbox in the Settings > Options and Preferences screen.
- By default, this checkbox is ticked so the system will allow anyone designated as a Sensitive Person to be assigned to any Sensitive Event.
If you untick the checkbox
1. Someone creating or editing a Sensitive Event in the Damstra Safety web application can only assign a particular Sensitive Person to the event if ALL of the following are true:
- The Sensitive Person is someone whose worker or contractor worker record is visible with the Site Selection filter applied by the person creating or editing the Sensitive Event
- The Sensitive Person's user record has both of the following:
- The Sensitive User checkbox is ticked,
- The Sensitive User's access permissions provide a minimum of Read Access for the Risk > Events > Events Registers permissions node for the Accountable Site of the Sensitive Event.
2. Someone creating a Sensitive Event in the web portal can only assign a particular Sensitive Person to the event if ALL of the following are true:
- The Sensitive Person is someone whose worker or contractor worker record is visible in the web application with the Site Selection filter configured in the same way as the portal's site configuration.
- The Sensitive Person's user record meets both of these criteria:
- The Sensitive User checkbox is ticked
- The Sensitive User's access permissions provide a minimum of Read access for the Risk > Events > Events Registers permissions node for the Accountable Site of the Sensitive Event.
3. On the Add Event and Edit Event screens , the Accountable Site and Department fields are shown before the Sensitive Event checkbox, so that the relationship between site selection and sensitive user selection is clear.
4. On the Edit Event screen, the order of the Reporter/Person Involved and Location & Subject accordions are swapped so that the relationship between the site selection and sensitive user selection is clear.