Managing who in an organization can see what is a real challenge in the software world. You could drive yourself crazy trying to create all sorts of role, each with slightly different permissions, and you would still run into privacy and visibility issues. That’s why it’s important to understand how SecureDB manages visibility and privacy. We call it, “the Reports To function”.
In every user’s profile, there’s a dropdown where you can select who this person “reports to” primarily. In this way, a hierarchy is built. Users can see DOWN that hierarchy, to everyone that reports to them and everyone who reports to those that report to them, and so on. However, that user CAN NOT see UP the hierarchy.
Company Example
Here’s an example company. In the following Accountability Chart, you’ll see all the people Avery Sinclair can see data for, because all of them report-up to him in one way or another.
If we looked at that same org chart from Thomas Li’s point of view, he would only see the people and data for his team because these are the only three that “report to” him. He cannot, however, see UP the chain (Avery) or ACROSS the train (Sofia and Nina).
Understanding Secondary “Reports To”
Now that you understand “Reports To,” you may have already noticed its limitation. What if Nina, who is in charge of HR, needs to see Thomas’ data except Thomas does not report to Nina up the chain? That’s why you’ll find a second field in each user’s profile called Reports To Secondary. In Thomas’ profile, we would add all the users who need to see his data, even if he does not report to them primarily through the hierarchy.
Exceptions to “Reports To” Function
Between Reports to and Reports to Secondary, we can confidently build the hierarchy of your organization with the right visibility and protect privacy, with just two simple fields. However, there are a few exceptions that skip these two functions.
- In a meeting, meeting attendees who have accepted the meeting invitation can see all the information added to that meeting that involve any other attendee in the meeting.
- In a Project, Project team members can see the Task and Task status for any other member who is a part of the Project.
- When initially creating an organization, the organization may be in temporary Implementation Mode, which skips all visibility while admins are building-out their organization.
There is one more super-admin example where a particular user may be granted “Integrator” status permanently. You’ll know this user has been granted this special privilege to skip all visibility rules when their is a “crown” next to their name in the Users table. This special permission can ONLY be granted by your account manager.
If your user role has permission to access it, you can also manage the “Reports To” hierarchy using the Setup Wizard.
UP NEXT: Meeting Invites
