Hiding addresses in Search Window

We control security by Constituent Codes. 

But when it comes to search screens and queries it seems there are only 2 global options:


1 - Allow everyone's names & full address to be visible in search screens no matter a user's viewing permissions.

2 - Only allow the names & addresses to be visible in search screens for constituents a user has permission to view.


(Just took me an age to find these options hidden away here.)


The problem is that #1 is really helpful for preventing dupes, but applied universally it creates potential security issues as the home addresses of staff who happen to be donors or major donors are available to anyone who knows their name.


We're now quite a large org and it's not really appropriate for the 60+ users all to be able to see the CEO's home address just because he once made a donation to us. And potentially any of the 60+ could have an issue with their manager & work out where their house is.


But the only alternative is that no-one will know about potential duplicates, creating a lot of work for me.


Am I right about this? Does anyone have any workaround, or ideas about how to work around this?


Matt

Comments

  • Tell your CEO to set up a PO box and make this her primary address, like my CEO does. 


    But in all seriousness, I don't know of another solution (change her address to the org's address? Does it matter if she doesn't get mailings at home?). I've never considered this to be a security flaw, but I can see what you mean with an org as big as yours.
  • Sorry, this may be a silly question, but how does this security feature create duplicates for you to filter? If the restricted records do not show on a query, are you saying that an employee will send out a mailing list unable to clean the hidden lines properly?


    There may be some workarounds you can do in terms of structure and record marking -- it depends on your organizational workflow and practices. For instance:


    1) If all queries/lists are passed to you (as seems to be indicated by your comment that it makes more work for you), then you could add a record attribute marking them as a "watch" record to make it easier to spot and clean them yourself. Require all employees to include the Attribute in their list outputs, even if they don't see the use.


    2) Require all employees to use Export to output search results, no matter what. This automatically eliminates duplicates because Export generates a one-record-per-multiple-criteria list. You would still need to closely vet user Reports privileges to restrict access to reports that display donor addresses as well.


    3) Depending on the types of communications these people need to receive, you could restrict search results displays through Config, add a solicit code to these restricted records, and require all employees to filter people with that solicit code out of their queries altogether. Then, only certain designated staff people would be in charge of maintaining communications/relationships with those flagged constituents.


    Without knowing the exact nature of your organization and workflow, it's hard to suggest an exact workaround. But, either way it sounds like something that's going to require more than a security setting -- it's going to require a workflow structure change. However, if your current CEO agrees that it's a problem for employees to know their home address, then it should be easy enough to get buy-in from supervisors for that kind of structural change, right?

     
  • Faith Murray:

    Sorry, this may be a silly question, but how does this security feature create duplicates for you to filter? If the restricted records do not show on a query, are you saying that an employee will send out a mailing list unable to clean the hidden lines properly?



    I probably didn't explain this very well, but didn't want to go on for too long. Basically when staff are adding on new records, we have them check first that the person isn't on RE already using the search window. But if the option is selected so they can only view the names (and addresses) they have security clearance to see, then they might re-add someone who is already on the system, creating a duplicate.


    There may be some workarounds you can do in terms of structure and record marking -- it depends on your organizational workflow and practices...either way it sounds like something that's going to require more than a security setting -- it's going to require a workflow structure change. However, if your current CEO agrees that it's a problem for employees to know their home address, then it should be easy enough to get buy-in from supervisors for that kind of structural change, right?


    Yeah, that's a good point.


    Thanks

    Matt
  • Jen Claudy:

    Isn't it possible for anyone, on staff or not, to look up the CEO's address on the internet?  

    I think there's a cultural difference between Europe and the US on this. In Europe you have the right to opt out of a lot of this information being available on the web. I mean maybe someone who knows the trade could still dig it out, but it's possible to hide it so that even a relatively thorough search on Google won't turn it up. CEOs perhaps not so much but see the bit below...

     
    And do all of the RE Users sign a confidentiality policy?  (In my experience, most of the time there's a blanket policy that's part of the Human Resources hiring process that covers confidentiality of RE data.  We had separate ones for volunteers and interns.)

    They do but...
    Is this a concern from your CEO or other upper management & also a donor staff member?  I would hope that if someone has a big enough issue with a manager, that HR would know about it, and that they could give you a heads up.  If that person is vindictive enough to do something with the manager's home address, then there are a lot of other things that person could probably do with access to RE in general that would cause problems for the manager (not to mention you and other staff).

    ...what has started me off on this was a concern from a lower level manager. In a previous role one of the people she managed had a grievance and turned up at her home one day. I think that activated a niggling concern I already had about this. And in this case, if someone is annoyed enough, or likely to be on the wrong end of a disciplinary then a minor breach of data access protocols is probably not going to stop them.

    I'm not sure what I'd do as far as RE Security.  Although, you could possibly block those records from view and let everyone know that if they have something to put on the record of a staff member and can't find the record in RE, to just forward the data to you.  If it's not a big list, this might work.  Or, create intentional duplicate records (with a Constituent Code or something to identify them...and maybe manually set the Constituent ID to match the "real" record then add a suffix to it) and put the organization address on those records.  Periodically check those records and merge (without deleting) anything into the "real" record, which is hidden from staff who don't need access to it.

    These are very helpful ideas, thank you.


    Matt
  • Basically when staff are adding on new records, we have them check first that the person isn't on RE already using the search window. But if the option is selected so they can only view the names (and addresses) they have security clearance to see, then they might re-add someone who is already on the system, creating a duplicate.

    Ah, yes, that makes sense. Sorry, I was thinking query searches. In that case, Jen's dummy record idea is probably the best solution, especially if you marked them to only receive email acknowledgement letters (so that the thank-you letter doesn't get mailed to the dummy address).


    Jen is pretty brilliant sometimes. ;)


    FYI, in the US it is also possible (though challenging) to opt out of online directories, provided you don't use social media. I have several relatives who are nonexistent online.

  • Faith Murray:

    Jen is pretty brilliant sometimes. ;)



    And sometimes I make things much more complicated than they need to be. :P

  • Jen Claudy:

    Isn't it possible for anyone, on staff or not, to look up the CEO's address on the internet?  And do all of the RE Users sign a confidentiality policy?  (In my experience, most of the time there's a blanket policy that's part of the Human Resources hiring process that covers confidentiality of RE data.  We had separate ones for volunteers and interns.)  Is this a concern from your CEO or other upper management & also a donor staff member?  I would hope that if someone has a big enough issue with a manager, that HR would know about it, and that they could give you a heads up.  If that person is vindictive enough to do something with the manager's home address, then there are a lot of other things that person could probably do with access to RE in general that would cause problems for the manager (not to mention you and other staff).


    I'm not sure what I'd do as far as RE Security.  Although, you could possibly block those records from view and let everyone know that if they have something to put on the record of a staff member and can't find the record in RE, to just forward the data to you.  If it's not a big list, this might work.  Or, create intentional duplicate records (with a Constituent Code or something to identify them...and maybe manually set the Constituent ID to match the "real" record then add a suffix to it) and put the organization address on those records.  Periodically check those records and merge (without deleting) anything into the "real" record, which is hidden from staff who don't need access to it.


    This one's a pickle.  Sorry I can't be of more help.

    I like Jen's options, the other is not a great one either when it comes to mailings and such.  But you could move the contact info (address, phone etc.) to a Constituent Note (that would not be visible) and leave the address/phone info blank.
  • Christine Cooke:

    I like Jen's options, the other is not a great one either when it comes to mailings and such.  But you could move the contact info (address, phone etc.) to a Constituent Note (that would not be visible) and leave the address/phone info blank.
    Thanks everyone for your thoughts on this. I'll try and remember to keep you all posted when I've worked out what I'm going to do.


    Matt
