Incident Report Data Security
Anonymous Reporting
The ability to feel safe when reporting incidents is of vital importance. If the feeling of the potential for retaliation inhibits someone from reporting an incident, then you lose an important opportunity to hear about something that could be critical to the security of your company, or even a crime that was committed.
For this reason, we allow incidents to be reported anonymously. This is made available by the Anonymous checkbox on the report form itself.
Once this is set, all personally-identifying data is removed from the incident report. This includes the reporter name, details about who created the record and the time it was created (only the date is retained), along with permissions to view the record (which are removed so that information cannot be used to identify who reported it).
However, it should be noted that there may be other system-level ways of discovering who reported an incident. Server logs, beyond what our platform controls, may record who went to the incident report page at a specific time, and this could potentially be used to get an idea of who may have reported the incident. This is why it's important to have a policy to secure such information from unauthorized access.
Confidentiality
The confidentiality of an incident report may be very important to an organization, depending on the information it may contain. Our platform provides layers of security within its incident reporting workflow to safeguard data.
By default, incident reports are assigned to the designated department's incident assignee. If no incident assignee is set, the default assignee of the department will be assigned to the incident report. Both of these are set in the Departments sub-tab in Configuration.
Note: If for some reason a department has neither an incident assignee or default assignee, any incidents reports created for that department will be assigned to the user's manager or the user will be asked to select a different department if the user's manager is not set.
The incident report can then be invite other staff members to add witness testimony, investigate or resolve the incident. They can also use the "What's Next / Invite Others" action to let other staff members see the incident. (If the incident is marked as Sensitive, a warning will be displayed if they do this).
Every input request becomes a record assigned to the user it is requested from and remains so after they provide details. This means records created and assigned to each witness or consultant will not be viewable to one another, only ones assigned to themselves. The incident reporter will also not be able to view any input request record or input record made.
Only the incident report assignee(s) will be able to view any and all records within it and any input record provided by the incident assignee(s) will only be viewable by themselves.
Note: Even admin users cannot view records of any incident reports.
Hide Details
In cases where the details or attached files of an incident report may contain personally identifiable or sensitive information that should not be seen by witnesses, consultants, or those being investigated, it can be made hidden within the incident report.
To limit the visibility of an incident report's details and attachments, click on its action menu and click on "Hide Details".
The details and attachments of an incident report submitted by the incident reporter will now be located in its own record entry.
Only the assignee(s) of the report and the incident reporter will be able to access this record.
Note: Hide Details will move data in the Details field of an incident report into a record, along with any file attachments the incident reporter has uploaded.