|Available for||User roles||Super Admins, Admins, Team Members, Limited Team Members|
|Plans||All plan types, free of charge|
Please note: This article references enhancements that are being rolled out as part of the Spring 2020 Release. They may not yet be available in your account. If you would like to learn more, please reach out to our support team or your Customer Success Manager.
Lever’s flexible permissions allow for granular control over who has access to your most sensitive hiring data. These new Privileges can be granted to users who are Admins, Team Members or Limited Team Members, and scoped to candidates associated with jobs within specified departments, teams, locations, or individual job postings. More granular Sensitive Information Privileges make it easy to grant every user of your account access to all of the information that they need, and nothing more.
What’s considered Sensitive Information?
The following types of data and actions fall under the umbrella of Sensitive Information:
- Secret objects
- Secret notes
- Secret forms
- Secret emails
- Secret files
- Secret application questions
- Hired candidate profiles
- Editing sensitive fields on job postings
- Hiring manager
How do I grant access to Sensitive Information?
Access to Sensitive Information is granted through the user editor. Navigate to Settings and then click on Users. Find the user that you want to edit and click on their name. Click on the "Access" tab and scroll down to "Additional permissions". From here, you can turn on the Sensitive Information Privileges slider to open the configuration menu. Mark the appropriate permissions for the user. Then select which candidates this user will have these permissions for by selecting a set of postings, either by category or a posting-by-posting basis.
For example, suppose we are configuring the Sensitive Information Privileges for a Team Member. This user has access to all candidates (because they are a Team Member) and we also want them to be able to view all secret notes, offers, and hired profiles for our engineering positions. We would configure the user like this:
Who can grant Sensitive Information Privileges?
The ability to grant Sensitive Information Privileges is now an explicit permission. In order to edit a user's SIP, you must be able to edit that user AND be granted the explicit permission. Here is a table that shows which users you are able to edit. Note that you are never allowed to edit your own user.
|If your Access Role is...||You can edit...|
Super Admins, Admins, Team Members, Limited Team Members, Interviewers
Admins, Team Members, Limited Team Members, Interviewers
Limited Team Members and Interviewers
|Limited Team Member||None|
Can I give a specific user one-off access to an individual sensitive object, such as a secret note?
- Secret notes
- Secret feedback
- Secret forms
- Offers (learn more)
Who will have access to view Hired candidates?
- Super Admins
- Job posting owner of the job posting that the candidate was hired for
- Job posting hiring manager of the job posting that the candidate was hired for
- Admins and Team Members who have Sensitive Information Privileges for the job posting that the candidate was hired for
How do Sensitive Information Privileges work with confidential postings?
The confidential posting access list will always supersede Sensitive Information Privileges. In other words, a user must be on the Access List for a confidential posting AND be granted Sensitive Information Privileges for that posting in order to see any sensitive objects. For example, if a user is tagged in a secret note on an opportunity associated with a Confidential posting, the tagged user will not be aware of that note, nor have access to it unless they are been added to the access list for that posting.