Data-level security filters

In addition to what modules and features a User Group can access, the model also uses data-level security filters. This table lists the security filters. User Groups that are EXEMPT from the security filters are tagged with an X.

• HR Organization - by default, each member of any User Group sees data in the context of their respective HR Organization.
• HR Organization Unit - by default, each member of any User Group sees data in the context of their assigned Organization Unit(s). This security filter is used to support security for the GHRBIRST-HRGeneralistActorOrgUnit.
• Reporting Relationship - users see data in the context of those employees within their direct reporting structure.
• Recruiter - users see data in the context of those Requisitions that have been assigned to them specifically.
• Security Entity - a type of HR Organization Unit-level security applied to a limited number of dimension tables from the Absence, Benefit, Compensation, Core GHR, Payroll, and Talent Acquisition modules. HR Organization Units that are available to a user are listed in the SecurityEntityActor business class, which is derived from the ActorOrgUnit business class by only including HR Organization Units that have been set as entities in the HRT application.

Data-level security relies on the information provided by the Identity Actor and Agent Records for the Landmark Actor to secure the data. If a user does not have these records, they are required to be manually added to the GHRBIRST-SecurityExemption Group to access any data. This group is located in the HR-Model space.