Field-level security

[jmichell]

Hi folks.
We're implementing the Membership System of PC9. We'd like to know if there is any way of restricting access to a particular field, such as the results of a police check.
If anyone who has Access level permissions to the data in the Membership System can see all fields within that data, then we won't be able to store any private information in the system.
Is that right?
Thanks.
John

[NeilZ]

Hi folks.
We're implementing the Membership System of PC9. We'd like to know if there is any way of restricting access to a particular field, such as the results of a police check.
If anyone who has Access level permissions to the data in the Membership System can see all fields within that data, then we won't be able to store any private information in the system.
Is that right?
Thanks.
John

There is no field level security in the system, only module security. However, you don't want everyone in the church to have access to the entire database anyway.

We have ours blocked out like this:

Church Secretary - can access/update mailing list & profiles. Cannot delete profiles, our Clerk of Session can only do that for members, and I do that for anyone else. No access to services or visitations.

Clerk of Session - full access/delete capabilites to mailing list, profiles, attendance and activities. No access to services or visitations.

Pastors - Read access only to mailing list & profiles, but full access to services & visitations, etc.

If all you want is the ministry heads to have access to the activity list and the mailing address, you can limit them to that.

That said, how granular are you looking to make the security ??

[jmichell]

Thanks for listing your access types, Neil. We are planning something similar.
Our church school teachers must pass police checks before they are allowed to work with the children. The fact that a given member has failed a police check needs to be known only by a very small grouip within the church. It would be convenient to store the fact that they have passed or failed the check within PCPlus, but if anyone who has access to profiles can see this data, we will have to exclude it from the profile data.
Does this sound reasonable to you?
John

[NeilZ]

Thanks for listing your access types, Neil. We are planning something similar.
Our church school teachers must pass police checks before they are allowed to work with the children. The fact that a given member has failed a police check needs to be known only by a very small grouip within the church. It would be convenient to store the fact that they have passed or failed the check within PCPlus, but if anyone who has access to profiles can see this data, we will have to exclude it from the profile data.
Does this sound reasonable to you?
John

Very much so ... That's the sort of data you keep under lock & key. While PC+ has alot of security built-in, anything on a computer can be copied and broken open by someone determined to do so.

I would either get a file cabinet safe, or do like we did in the military to provide security for stuff that wasn't classified, but needed extra protection. Modify a regular file cabinet with a steel bar to prevent the drawer from opening, and use a high security lock.

Even churches can be sued for defamation of character !!