Confidential Incident (Record Level Security)

Step-by-step Instructions:

A. 'Record Level Security' permission

1. When the Custom Setting (Public Key) for this feature is turned 'ON', a new permission 'Record Level Security' will be shown in the Permission screen. Users having this permission will be able to see the 'Confidentiality Details' section in the Reporting screen. 

B. Incident Reporting 

    2. A new section 'Confidentiality Details' will be shown in the Reporting screen if the 'Record Level Security' permission is enabled. This section will have two fields as given below:

• Would you like to make this incident confidential? → This field is used to categorize an Incident as Confidential/Non-Confidential.
• Authorized Team → This field is used to grant authorization access for a Confidential Incident to selected users.

       3. If 'Yes' option is selected then it will throw a confirmation alert as shown below.

        4. Clicking on the 'Ok' button in the confirmation alert will close the popup and display the 'Authorized Team' field (with the logged in user name by default).

   C. New Notification for Confidential Incident

       5. An immediate notification will be sent to the authorized users when an incident is made confidential. Clicking on the 'Incident ID' link will redirect the authorized users to the Incident Summary screen.

    D. Manage Incident List 

        6. Incident List Screen for Authorized Users:

• 'Incident ID' link remains enabled with complete data shown in all the columns of the grid.
• Authorized users will be able to delete a confidential incident if they have the required delete permission.

      7. Incident List Screen for Unauthorized Users:

• 'Incident ID' link will be disabled.
• 'Incident Title' will be masked with text 'Confidential'.
• 'Incident Reported As' and 'Incident Date' column will show the details.
• Unauthorized users cannot delete the confidential incident record even if they have the delete permission.    

 E. Incident Summary 

    8. Only Authorized users will be able to access the Incident Summary page for a Confidential Incident either by navigating through the list screen or notification link. A new label 'Confidential Incident' will be shown on the Incident            Summary screen. This will have 'Yes' or 'No' based on the response selected in the Reporting screen.

    9. 'Email Incident Summary' link in the Incident Summary screen will be disabled for the Incidents categorized as confidential (even if the authorized user has the permission for emailing Summary Report).

   10. Authorized user can download different Reports from the Summary Screen - Incident Summary Report, Vehicle Claim Report, Claim Report, Investigator Report, etc.

  F. Lessons Learned - Report Details 

     11. Once the 'Lessons Learned' link gets enabled in the Incident Summary screen as per the existing business rules, the authorized team members can click on the link and navigate to the 'Lessons Learned - Report Details' screen.

• 'Send Mail' and 'Assign' buttons in the 'Lessons Learned - Report Details' screen will be disabled for confidential incidents (even if the authorized user has the required permissions for sharing and assigning the Lessons Learned details).

   G. Case Management List 

      12. Case Management List Screen for Authorized Users:

• 'Case Number' link remains enabled with complete data shown in all the columns of the grid.

     13. Case Management List Screen for Unauthorized Users:

• 'Case Number' link will be disabled.
• 'Incident Title' will be masked with text 'Confidential'.
• 'Date Occurred' column will show the details.

      *Note: Every other List screens like - Lessons Learned, Claim List, Management review, etc. has similar implementation wherein the Authorized users will be able to see the complete set of data and the Unauthorized users                       will be able to see the record in the list screen but most of the data will be either blank or masked as 'Confidential'.

     H. IMS> Action Item List Screen

     14. Action Item List Screen for Authorized Users and Unauthorized Users:

• Incident ID column will  show the confidential incident icon.
• Data in the column 'Incident Title' will be masked with text 'Confidential' for all the Action Items linked to the confidential incident.
• Data in all the other columns will remain as-is.

     I. Action Item Details Screen

     15. Action Item Details Screen for Authorized Users and Unauthorized Users:

•  Data shown in the field 'Source Title' will be masked with text 'Confidential' for the action items linked to the confidential incidents.

      J. Calendar > Manage Action Items List Screen

      16. Calendar Action Item List Screen for Authorized Users and Unauthorized Users:

• Data in the column 'Source Title' will be masked with text 'Confidential' for all the Action Items linked to confidential incidents.
• 'View Incident Details' link in 'Reference' column will be disabled for the Action Items linked to confidential incidents.
• Data in all the other columns will remain as-is.

   K. Incident Summary Report

       17. Confidential Incidents will show an additional section 'Confidentiality Details' with names of the 'Authorized Team' members in the Summary Report.

  L. Notifications

• All the Incident Notifications (which includes Immediate notifications, Daily notifications for Location and Module) will be suspended for the Incidents categorized as Confidential.

          *Note: This suspension will be applicable from the point of time when the incident is marked as confidential. 

• Only the Action Item notifications will be triggered for a confidential Incident.