Data-level security filters
In addition to what modules and features a User Group can access, the model also uses data-level security filters. This table lists the security filters. User Groups that are EXEMPT from the security filters are tagged with an X.
Note: Users that are members of any User Group
that is exempt from security filters are automatically added as non-admin users to the
HR-Model space.
Note: These permissions are not applicable to Data Level Security Filters
related to Payroll sources. Only users with the GHRBirst - Payroll Administrator role are
exempted from payroll security filters.
- HR Organization - by default, each member of any User Group sees data in the context of their respective HR Organization.
- HR Organization Unit - by default, each member of any User Group sees data in the context of their assigned Organization Unit(s). This security filter is used to support security for the GHRBIRST-HRGeneralistActorOrgUnit.
- Reporting Relationship - users see data in the context of those employees within their direct reporting structure.
- Recruiter - users see data in the context of those Requisitions that have been assigned to them specifically.
Data-level security relies on the information provided by the Identity Actor and Agent Records for the Landmark Actor to secure the data. If a user does not have these records, they are required to be manually added to the GHRBIRST-SecurityExemption Group to access any data. This group is located in the HR-Model space.