Organizations need to maintain detailed employee-related information to comply with local laws. For example, organizations are required to maintain details such as personal information, salary and commission-related details, and attendance and leave related data. This information is sensitive and should ideally be confidential - only those with the appropriate role should be able to view or edit such data. Graded access to employee data, based on roles therefore, becomes imperative.
Different roles such as IT Administrator, HR Manager, and Managers (of employees) need to have acces to different aspects of employee data. At the same time, these roles need to be restricted from accessing certain other aspects of employee data.
Zenoti allows you to restrict or grant access to various aspects of employee data based on roles.
- IT Administrators should be able to create employee records with edit access to minimal sections of the employee profile. Thereafter, administrators should neither be able to view other sensitive sections of the employee record (commissions and performance related information), nor should they be able to edit the sections of the employee profile they created earlier.
- HR Managers should be able to edit basic information about employees, but should be allowed to only view other sensitive employee data in employee reports.
- Managers (of employees) should have the maximum insight into employee details and should be able to view and edit sensitive employee information such as employee commissions and employee performance ratings.
To set role based access to employe details:
- Ensure you are at the Organization level.
- From the main menu, click Admin.
The Admin Dashboard appears.
- Expand Organization and click Security Roles.
The Manage Security Role page opens.
- Click the role for which you wish to set permissions. Example: Manager.
The Manage Security Roles page opens.
- Click the Permissions tab.
You will find all permissions related to accessing employee data under the Employee Manager category. See the table that follows for more information.
- Based on your requirement, restrict or grant access to the various permissions in different categories to different roles. See screenshot that follows.
- Click Save.
List of Permissions to Control Access to Employee Details
The following table lists the various permissions that you can use to control access to employee details. See screenshot that follows.
Break Category: Refers to the type of break or block out time used by employees during a working day when they are taking a break from their regular duties.
By default, Zenoti ships with six types of block out times: Break, Leaving early, Lunch, Meeting, Personal time, and Running late.
|Commission Settings: Refers to Services tab, Products tab, Memberships tab, Commissions tab, and Payrates tab in an employee record (Center level > Employee > Employee).||
|Employee: Refers to General tab, Roles tab, and Catalog tab in an employee record (Center level > Employee > Employee).||
|General Settings: Refers to General tab, Roles tab, and Catalog tab in an employee record (Center level > Employee > Employee).||
|HR Settings: Refers to settings for Attendance Rules, Performance, Pay Period, and Tenure (Center level > Employee > Settings).||
|Jobs: Refers to settings for Jobs (Organization level > Employee > Employees > Jobs). Learn more: Creating Jobs||
|Leave Types: Refers to settings for Leave Types (Organization level > Employee > Settings > Leave Types). Learn more: Add a New Leave Type||
|Other Settings: Groups a few other employee-related settings and refers to the ability to carry out the tasks.||
|View Employee Reports: Refers to the ability to view Employee Reports at the Center or Organization level, as applicable. (Center/Organization level > Employee > Payroll Reports/Other Reports)||
Consider the following screenshot for the Manager role:
From the screenshot, you can understand that an employee with the manager role has access to most of the employee-related information. However, this role cannot work with Leave Types and is also restricted from working with Enrollment, adding mail/telephone details, and editing the username in employee records (see Leave Types and Other Settings section in the screenshot).