Using position security in Chris21 to limit access to staff data

Position security in Chris21 can be an unfamiliar or misunderstood concept amongst Chris21 users. Essentially its purpose is to restrict access to the data belonging to certain groups of staff members by Chris21 users. For instance, you may want to set up position security in Chris21 so that a junior payroll officer can’t access details of executive staff members.

You will be aware of the Security Level fields on both the Position Table (PDT) and Position (POS) forms.

These fields are used to control the security access of Chris21 users to employee records within your organisation. Security Level 9 is the highest, while 1 is the lowest. If you assign a Security Level to a PDT record, this level will default to staff members who are assigned to that position. You can override this by changing the Security Level on individual POS records.

These fields are in turn linked to the Security Level field on the Privileges (ATT) form to control position security in Chris21. The setting on ATT determines the access that a Chris21 user is granted.

If the Security Level on an employee’s position record is set higher than the Security Level on the Chris21 user’s profile then the Chris21 user will not be able to access that employee’s details.

In the example shown above, the Chris21 user assigned to the PAYROLL security profile has access to Salary (SMN) records where position security is set to 5 or lower. The SMN records associated with any staff member whose position Security Level is higher than 5 will not be accessible to this Chris21 user.

You need to take care if using HR21. The same security restrictions apply. Therefore, the security profile that is assigned to HR21 users will need to have the appropriate Security Level so that managers can access all of their staff details. It is usually appropriate to grant HR21 users the highest level of 9 to avoid any issues.

One final thought. Chris21 always defaults to Security Level 5 on PDT, POS and ATT. If you decide to use position security you will need to ensure you manually change the ATT Security Level as appropriate.