What is Sensitive Information and how do I grant users access to Sensitive Information?

Follow
Available for User roles Super Admins, Admins, Team Members, Limited Team Members
Plans All plan types, free of charge

Lever’s flexible permissions allow for granular control over who has access to your most sensitive hiring data. These new Privileges can be granted to users who are Admins, Team Members or Limited Team Members, and scoped to candidates associated with jobs within specified departments, teams, locations, or individual job postings. More granular Sensitive Information Privileges make it easy to grant every user of your account access to all of the information that they need, and nothing more. 

What’s considered Sensitive Information?

The following types of data and actions fall under the umbrella of Sensitive Information:

  • Secret objects
    • Secret notes
    • Secret forms
    • Secret emails
    • Secret files
    • Secret application questions
  • Offers
  • Hired candidate profiles
  • Editing sensitive fields on job postings
    • Team/department/location
    • Owner
    • Hiring manager

How do I grant access to Sensitive Information?

Access to Sensitive Information is granted through the user editor. Navigate to Settings and then click on Users. Find the user that you want to edit and click on their name. Click on the "Access" tab and scroll down to "Additional permissions". From here, you can turn on the Sensitive Information Privileges slider to open the configuration menu. Mark the appropriate permissions for the user. Then select which candidates this user will have these permissions for by selecting a set of postings, either by category or a posting-by-posting basis.

For example, suppose we are configuring the Sensitive Information Privileges for a Team Member. This user has access to all candidates (because they are a Team Member) and we also want them to be able to view all secret notes, offers, and hired profiles for our engineering positions. We would configure the user like this:

mceclip0.png 

Who can grant Sensitive Information Privileges?

The ability to grant Sensitive Information Privileges is now an explicit permission. In order to edit a user's SIP, you must be able to edit that user AND be granted the explicit permission. Here is a table that shows which users you are able to edit. Note that you are never allowed to edit your own user.

If your Access Role is... You can edit...
Super Admin

Super Admins, Admins, Team Members, Limited Team Members, Interviewers

Admin

Admins, Team Members, Limited Team Members, Interviewers

Team Member

Limited Team Members and Interviewers

Limited Team Member None
Interviewer None

Can I give a specific user one-off access to an individual sensitive object, such as a secret note?

Yes, you will be able to give one-off access to all of the following secret objects to users within your account:
  • Secret notes
  • Secret feedback
  • Secret forms
  • Offers (learn more)

Who will have access to view Hired candidates?

  1. Super Admins
  2. Job posting owner of the job posting that the candidate was hired for
  3. Job posting hiring manager of the job posting that the candidate was hired for
  4. Admins and Team Members who have Sensitive Information Privileges for the job posting that the candidate was hired for 

How do Sensitive Information Privileges work with confidential postings?

The confidential posting access list will always supersede Sensitive Information Privileges.  In other words, a user must be on the Access List for a confidential posting AND be granted Sensitive Information Privileges for that posting in order to see any sensitive objects. For example, if a user is tagged in a secret note on an opportunity associated with a Confidential posting, the tagged user will not be aware of that note, nor have access to it unless they are been added to the access list for that posting. 

Was this article helpful?
0 out of 0 found this helpful