Setting Sensitive Data
Enabling Sensitive Data
You need to have ‘Sensitive data’ enabled within your organisation’s settings to use this functionality. When enabled, you will see a ‘sensitive data’ toggle when opening an activity.
Setting Permissions
When an activity has been marked as sensitive, there will be a new padlock icon on the activity edit screen.
Clicking the padlock icon will open a pop-up window where you can set the access permissions for the activity. Within this window, you can choose to limit access to only relevant individuals by saying that ‘Everyone’ has no access, and named individuals or roles have access - for example, an activity that contains sensitive notes from a therapy session that only relevant practitioners should see. Alternatively, you can restrict particular individuals from viewing the activity by saying that ‘Everyone’ has access and named individuals or roles have no access - for example, when a relative of the service user works within the team but should not see particular notes on the person’s record.
Accessing the activity
A ‘Sensitive’ label will be added to the form in the activities screen.
The access permissions can be accessed and edited from both open and closed activities. Users with Administrative permissions will be given access by default, to account for situations where a staff member leaves or information needs to be retrieved (except in situations where access to a user with Administrative permissions has been explicitly denied).
If you have not been given permission to access an activity and attempt to open it, you will be presented with an ‘Access Denied’ error message.