Confidentiality Flag

Explanation of the Confidentiality Flag in TDX, what sets the value, why, and what can be done to work with it.

Summary

This article relates to the Confidentiality flag on a Person record in TDX. The vendor has a public article in their KB with detailed information about the confidentiality flag: https://solutions.teamdynamix.com/TDClient/1965/Portal/KB/ArticleDet?ID=101557

Identifying a Confidential Person

A technician, in TDNext (https://support.uidaho.edu/TDNext/Home/Desktop/Default.aspx) can navigate to the People tab (waffle menu in the top left -> People) and search for the individual (by V number, email, or name). Confidentiality shows up in two locations:

In the actual People Search there is a Confidential column:

When looking at a person's record as a technician:

As a technician look at a ticket, the Requestor section will indicate confidentiality:

University of Idaho Use

UI has certain confidentiality requirements, especially for student records: https://www.uidaho.edu/registrar/students/studentrights. However, there are other considerations as well which provide for confidentially marked employees and faculty. Those use-cases, and processes, and handled by human resources, and for information about those things you will need to reach out to HR directly as they do not currently have a published webpage with information or forms.

As a result of these requirements the confidentiality flag in TDX was implemented. It is setup to match the confidentiality flag in Banner, specifically the SPBPERS.spbpers_confid_ind field. This field currently has three possible values in Banner, 'Y', 'N', and null. The automation defaults to FALSE, only seeting confidentiality on a TDX record if that field is 'Y' specifically. This is because confidentiality is an opt-in feature.

Impacts

As documented in the TeamDynamix article, there are certain restrictions to who can interact with a confidentially marked person in TDX. Specifically:

• The Person Details page will be completely hidden for Confidential people. If an unauthorized person attempts to open the person's Person Details page, they will see a Person Not Found page. 
• Person typeaheads and lookups such as the Requester field or a Person Custom Attribute will omit Confidential people.
  • This is the biggest issue; other than the exceptions below it is not possible to search for a confidential person in any of the person selector boxes, meaning another customer cannot create a ticket on behalf of a confidential person

Exceptions to the visibility for confidential people:

• A Confidential user can see their own user record in the Person Details, typeaheads and lookups. 
• TDNext users with the People application can see Confidential people in the client portal.
  • For UI, this is any technician, in any module, we grant People by default to all technicians
• Users can see their own manager and the people they manage in the client portal, even if they're marked as Confidential. This is based on the Reports To field. This will cascade up and down the hierarchy. For example, if User A manages User B and User B manages User C, then User A will be able to see User C and vice versa, even if they are marked as confidential. 
• Users who manage a group or a resource pool can see Confidential members of that group or resource pool. 
• Users who are on a project or project request together can see the Person Details page, even if the person is Confidential, but this relationship does not apply to typeaheads and lookups. "On a project or project request together" includes the following roles:
  • Project Request Requester 
  • Sponsor
  • Evaluator
  • Project Resources/Team Members
  • Project Manager, Alternate Project Manager, Workspace Owners
  • Portfolio Manager 
  • Contacts
  • Stakeholders

Solutions

If someone is marked confidential and that is causing issues with others searching for and selecting the individual in TDX there are a few steps to follow:

1. To begin, we have to assume someone is marked confidential for legitimate reasons, and should work to honor that confidentiality as best as we can
   • Reach out to the individual who is marked confidential and discover if this was set intentionally, or as a by-product of "a confidentiality check box was put in front of me so I clicked it"
2. If the individual no longer needs to be confidential, then they need to work through the process to have the confidentiality flag removed
   • For students they should contact the Registrar's Office: https://www.uidaho.edu/registrar/about
   • For employees they should contact Human Resources: hr@uidaho.edu
3. If the individual must remain confidential
   • The ticket should, if at all possible, be submitted by the confidential individual
   • A technician can assist in setting up the ticket, with the person filling out the request as themselves and indicating the email of the confidentially marked person so the technician can edit the ticket to correct the requester
   • It is possible the requester may need to be set up as a technician, or otherwise given People module access
     • This is an absolute LAST resort, as it bypasses the entire purpose and point of the confidential flag, including bypassing the flag for someone other than the individuals involved in the request, who might be marked confidential because of the individual requesting the ability to bypass
     • This CANNOT be given to student accounts, for any reason.
     • Likewise, this cannot be given to vendors or non-employee affiliates
     • It can only be given to employee accounts, listed as employees, as those are the only ones confirmed to have completed required employee training