Who is this article for?Users who are accessing Coruson on a browser.
Report Administrator permissions are required.
This guide will cover adding and configuring Confidential fields to a form. Confidential fields are useful when reports contain sensitive data that other users within your organisation should not be able to see. This guide will also cover adding permissions to a Group to allow the members to see the contents of the Confidential field.
- What Does a Confidential Field Look Like?
- How to Make a Field Confidential
- How to Make a Field Confidential Based on Form Rules
- How to Give Users Permission to View Confidential Fields
- Further Reading
1. What Does a Confidential Field Look Like?
Information contained within Confidential Fields will be concealed to users who are able to access a form either by being mentioned in the workflow or having Group Permissions to see a specific type of report.
When a user opens a report with Confidential Fields that they do not have permission to see, the word 'Confidential' will appear over the name of the 'Raised By' user and will also appear over any fields set to be Confidential.
If a Key Details field has also been set to Confidential then a user without permission would also see the word 'Confidential' when navigating the Report Register.
Important: The Report Raiser and any System-Wide Administrators of the tenant will be able to see the contents of the raised report regardless of their permissions.
2. How to Make a Field Confidential
- Go to Administration, then Reporting Admin, then finally Forms.
- Open the form you need to edit.
Reminder: You can only edit a draft form. If your form is active then you will need to revise it.
- Click on the field on the form and click on the actions button, then Edit.
- Click Not Confidential to toggle this to Confidential.
Looking for more information on field settings? Visit How to Configure Field Settings for details.
3. How to Make a Field Confidential Based on Form Rules
There may be occasions when a field only needs to become Confidential if a specific option on another field option has been select.
Example: If a Form was created to record details of an injury and the contents of the report concerned a near-miss then the report would not need to be confidential. However, if an injury had occurred then the contents of the report would need to be confidential as this would be deemed as sensitive data.
To apply a rule:
- Go to Administration, then Reporting Admin, then finally Forms.
- Open the form you need to edit.
Reminder: You can only edit a draft form. If your form is active then you will need to revise it.
- Click on the field on the form and click on the actions button, then Edit.
- Click Add to Add a rule.
- Enter a clear and concise name for the rule.
- Add a new condition block.
- Set the criteria for the rule being effective (e.g. If Issue Type Equal To Injury).
- Click Not Confidential to change this to Confidential.
Reminder: Rules can only be based on selection items such as dropdown lists or button groups. Free text fields cannot be used in rules.
4. How to Give Users Permission to View Confidential Fields
There may be some situations in which users should be able to see the contents of the Confidential Fields on a form. These permissions can be set up within Groups.
- Go to Administration, then People & Security, then finally Groups.
- Create or choose an existing group of users who these permissions should be applied to.
- Click the tab for 'Security' and then the sub-section for 'Reporting'.
- Scroll to the bottom of the page to find a section titled 'Report Record Access'.
- Click the button to display the Rule menu.
- Configure the access you need.
- Repeat the steps for any additional permissions / forms required.
Important: Granting group permissions will not only allow the groups users to view the contents of Confidential Fields, it will also grant them permission to view every report that has been raised for that specific Form type.
Article Comments
1 comment
Can a report raiser see a confidential field after a report has been submitted?