Record access
All users are able to access all data in F2 if they have the required rights to do so. F2’s access levels, access restrictions and access rights determine which users have access to which data. A record’s access level is determined by the individual user and to a certain extent the guidelines of the organisation.
In F2, access to a record is managed in the record window. Access in F2 is determined by two elements:
-
Access level
-
Access restriction.
The intersection of these determine who can access a given record.
The access level is set in the “Access” metadata field, and the access restriction is set in the “Access restricted to” metadata field on a record or in the “Limited access” field on a case, if any is attached.
For further information on the record metadata fields, see the Record metadata section.
The following sections describe F2’s access levels and rights.
Record access levels
There are three access levels in F2:
-
Involved: Only users and units actively involved in the record can find it when performing a search. This is the most restrictive access.
-
Unit: In addition to participants actively involved in the record, users in the record manager’s unit can also view the record.
-
All: All users within the authority can search for and view the record.
A new record is created with “Involved” as the default access level, but the responsible user can change the level manually. The access level changes automatically if the record is shared with other users.
| Users do not receive notifications about changes made to a record’s access level. |
| The default access level for newly created records can be customised. Configurations are performed in cooperation with cBrain. |
User access rights to a record
Users have one of three access rights to a record. These are:
-
Read access: Does not allow the user to edit the documents attached to the record or the record metadata (including the record document).
-
Write access to documents: Allows the user to edit the documents attached to the record (including the record document), but not the record metadata.
-
Full write access: Allows the user to edit both the documents attached to the record (including the record document) and the record metadata.
The above access rights are assigned to a user in one of the following ways:
-
Access to the record: Based on the access level specified in the “Access” metadata field on the record.
-
Record sharing: By sharing the record in F2 with a user, e.g. via chats, sending, being added as a supplementary case manager, etc. The methods for sharing a record are discussed in Communication.
| A user may find and open a case only if they have read access to at least one of its records. However, users cannot find and open a case if they are excluded by its access restriction. For further information on how a case’s access restriction affect its records, see the Advanced metadata fields section. |
User access rights determined by a record’s access level
A record always has an access level. If the record has not been shared, access rights to the record depend on its specified access level and whether a user is in the same unit as the record manager. The record manager is the user who is specified in the “Responsible” field on the record.
The table below shows F2’s access level and how they affect other users' access rights:
| Access level specified on the record | Users in record manager’s unit | Users not in record manager’s unit |
|---|---|---|
“Involved” |
No access to the record |
No access to the record |
“Unit” |
Full write access to the record |
No access to the record |
“All” |
Full write access to the record |
Read access to the record |
Generally, the above applies until the record is shared in F2. This is covered in the next section.
User access rights when a record is shared
When a record is shared in F2, others users become involved on the record. The sharing may happen through chats, notes, requests, adding supplementary case managers, etc. The basic principle for access when sharing a record in F2 is this: The user with whom the record is shared is assigned the access right one tier lower than that of the user sharing the record.
| A user’s access rights can never be reduced through the sharing of a record, only expanded. |
However, if a user is added as a record participant or supplementary case manager, the above does not apply.
Users added to the “Record participants” field always receive read access to the record.
The access rights of supplementary case managers depend on the configuration of the user who adds them. For further information, see Settings and Setup.