Use authorization concept in work items to comply with data protection regulationsOfficially Answered
The 7pace Timetracker is covering most of the data protection regulation so far, which is great. It uses an authorization concept with different user roles with specific access rights. This guarantees that In the report view and almost everywhere else only data regarding the personal access rights is visible and exportable:
But there is one point where you can still see data of other employees. In the single work items you can see not only your data but data of others as well, like in this screenshot:
As you can see, as a normal team user I am able to see data of my colleague in the work item. Unfortunately this fact that every user is able to see the data of other users in the single work items is definitely violating the basic data protection regulation of at least our country, Germany.
There has to be a possibility to apply the authorization concept here as well or build in an option to configure this data view as desired.
Please sign in to leave a comment.