The management of access rights is based on the defined team of the personnel file shelf. Additionally, categories can be used to assign fine-grained access rights to personnel files, personnel file folders and documents.
Finally, the security concept allows defining retention rules and access by employees and supervisors.
Note: ACL is the abbreviation for “Access Control List” and defines the access rights from a technical point of view.
By default only team members have access rights.
Note: Access rights can also be defined by defining access for employees and supervisors.
Categories of personnel files, personnel file folders and documents can define access rights, retention rules and automatic follow-ups.
On the “Permissions” tab following fields are provided:
Retention worthy documents cannot be deleted as long as the personnel file is “Active”. The retention worthiness can be defined by the assigned category. To do so, in the category, on the “Retention” tab, the Retention Worthy field must be marked.
Retention periods prevent the deletion of personnel files or documents until the time limit expires. Retention periods cannot be backdated.
Retention periods are, for example, used to prevent the deletion of documents for a certain period of time after an employee leaves the company.
Categories Define the Retention Rules
In the category of personnel files or documents a retention rule is defined (example: retention period of 30 years after an employee leaves the company).
To do so, in the category, on the “Retention” tab the Retention Worthy field must be marked. The Retention Period and Base Date for the Beginning of the Retention Period fields the retention period can be defined.
Apply Rules When Closing a Personnel File (Default Method)
The background task applies the rule defined in the category at a defined point in time (example: one day after the separation date the rule is applied).
Configure a default category for personnel files in the personnel file configuration or shelf. In the category, specify a default background task that starts a process that contains the “Close Personnel File” activity. For example, select “1 day” for the time interval, “After” as operator and “Separation Date (Personnel File)” entry as base date for the time interval. This will start the close process one day after the separation date. The retention periods are calculated and applied on closing.
Apply Rules With Background Tasks (Alternative Method)
The background task applies the rule defined in a category at a defined time (for example, the rule is applied one day after the separation date is reached).
The background tasks can be defined either in the personnel file shelf on the “Settings” tab in the Default Background Tasks field or in the category on the “Background Tasks” tab.
In the background task, in the Action field the Determine Retention Period Based on the Category entry must be selected. The execution of the background task is based either on the Time Interval and the Base Date for Time Interval or is based on a specific Date. The base date may refer either to a date field of the document or on a date field of the assigned personnel file.
The background tasks assigned to the individual personnel files or documents can be viewed on the “Retention” tab in the Background Tasks field (only visible if at least one background task is available). The background tasks are taken from the personnel file shelf and from the assigned category. If default background tasks are changed in the personnel file shelf or category, they are not adopted automatically. An update can be performed via the context menu command “Update Background Tasks”.
After the retention period documents can be deleted again. To delete documents automatically or to start a workflow to confirm the deletion, categories and background tasks can also be used.
To do so, add in the category that defines the retention period, an additional background task. In general, it makes sense to define the Retention Period as base date for the execution of the task. As action, you can either select “Delete Automatically”, “Delete Automatically (Documents of Closed Personnel Files Are Not Deleted)” or “Start Process”. If you want to start a process, you must also specify the process. In the process, a task with the activity “Retention Period Exceeded” should be defined.
When the background task is executed, the process is started and can be processed by the defined users in the worklist. The “Retention Period Exceeded” activity provides the steps “Delete”, “Extend Retention Period” and “Accept”.
Note: The access rights granted during temporary access correspond to the access rights granted to the assigned user.
If certain documents should be inaccessible or changeable, a category can be used to define special ACLs: