Provide recipent with custodian functionality role #4153
Labels
Comments
elbill
changed the title
|
Thank you @elbill for your feedback. Actually your proposal is interesting and we are since time trying to understand how to make it possible since we have many similar needs in many projects:
Considering all these needs i consider the best is to have a feature enabling to switch roles/user if a user is bound to multiple roles; This approach would probably enable at first to support both 1. and 2. in a very simple way. |
|
I agree the simpler the better!
From the operational point of view, I believe that segregating admin and
recipient is a good practice. I only have one such case. My view may be
biased by our operational model where we are the technical admin.
So in principle I agree (and then it is up to us to apply segregation when
setting up).
Using the same logic, *analyst *role should also be included in
the switching as there is a good chance that an analyst may also be a
recipient.
Thanks!
Στις Σάβ 17 Αυγ 2024 στις 9:41 π.μ., ο/η Giovanni Pellerano <
***@***.***> έγραψε:
… Thank you @elbill <https://github.com/elbill> for your feedback.
Actually your proposal is interesting and we are since time trying to
understand how to make it possible since we have many similar needs in many
projects:
1. there are users wanting to be both recipient and custodian
2. there are users wanting to be both recipient and admin
3. there are recipients of different tenants (typically same lawyers
working for different companies) wanting to have only one account
Considering all these needs i consider the best is to have a feature
enabling to switch roles/user if a user is bound to multiple roles; This
approach would probably enable at first to support both 1. and 2. in a very
simple way.
—
Reply to this email directly, view it on GitHub
<#4153 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AFRLQJSK4K5FPCIPIOK5FGTZR3WCDAVCNFSM6AAAAABMN5T5LKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDEOJUGY4TQMBSGA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Proposal
I propose that recipients should have the option to be authorized as custodians through a checkbox in the user rights settings. This would introduce a separate custodial role that can be assigned to recipients as needed.
Motivation and context
Currently, the custodian role is distinct and does not allow access to the content of reports. This separation can create uncertainty about whether a recipient should have access to a report. The only way for a custodian to gain any knowledge about a report is through the motivation text provided or if the recipient forwards information outside the system—an action that raises privacy and security concerns.
In practice, custodians usualy serve as recipients as well. They are typically responsible for assessing or escalating reports and taking necessary measures to protect the identity of whistleblowers.
By allowing recipients to be authorized as custodians, we ensure that those who need to manage reports have the appropriate roles and permissions. This dual role would empower recipients to make informed decisions for protecting or sharing the whistleblower identity while maintaining the necessary security protocols and keeping all communication in the platform.
The text was updated successfully, but these errors were encountered: