Restricting access to PII (Personally Identifiable Information) data

I am getting questions about the safeguards in place for PII (personally identifiable information such as names, phone #s, addresses, etc) and wanted to hear how other customers have handled.

Where we are seeing leaks is in the alerts, update requests, and send row feature. These features send the entire contents of the row via email, which is an unsecured medium.

We actually don't need the entire contents of the entire row to trigger an update request and/or next workflow step, so if there was a way to mark a field as "don't ever send this field via email" that would probably work, as access to sensitive fields would only be granted to authenticated users.

Find more posts tagged with

Forms

Sharing and Collaboration

Update Requests

Enhancement Request

Email Notifications

Comments

Richard Rymill SBP

hi David, we have a number of clients that need to protect certain info from general users of a sheet and one way that works well, is to use the Attachment column to LINK OUT to a workspace in DRIVE or SHarePoint where only the Right People have access because the data contained is sensitive. You control that Folder and "Unqualified viewers" can ASK for access but not get it unless the ADMIN of the Data and the Sheet allows it. These links can be Sheets or docs, Pdfs or whatever you wish to restrict access to. They can even be links to other "Restricted access" Smartsheets that they can only access if they have permissions.

Hopefully that will help you, as you cannot do what you would like to do, which is hide some of the columns in the rows.

Regards RichardR

Mark Mader

Hi David and Richard -

Two items:

1) we are in the process of designing and developing the ability for users to designate which columns to send on row update requests and row send actions. I suspect this will be released in Q2 '15.

2) One of the ideas that has been discussed internally (@Smartsheet) is the idea of a column type that would enable the end user to protect data (protect data = only make visible to a user w/ a client-side pwd). I won't go into the specfics of how we would approach this technically, but it would result in such data not being accessible unless a user enters the pwd at time of viewing. Implications could span information not being referenceable in formulas, not being visible in email alerts, -- or any other part of the app that references the data value indirectly. Would you be willing to trade some of those capabilities for the ability to 'lock down' a column(s) in a sheet with a pwd that only you know?

-Mark Mader

Richard Rymill SBP

Item 1

Great news.

Item 2

Provided the sheet is designed properly with confidentiality in mind then i would think that design could avoid referencing the column(s) that are sensitve?

We will discuss internally and get back with more on this.. Thanks for asking Mark.

Richardr

David Smith

Feature #1 is an improvement that we would implement on the first day that it becomes available, as it solves an immediate problem.

Feature #2 -- an additional password required to view specific columns -- is one that we would have to think about and discuss how and why to implement into our workflow. So there may be a need, but it's not so obvious.

Michele @ My School DC

I want chime in to say that I would implement Feature #1 on day one.

Loann McGee

I'd be in favor of the locking of columns capability - but would it include the attachments and discussions columns? That is where our most sensitive data will be stored and I have longed for a way for those to not be shared.

On the previous Report sharing feature (app or lab - I don't recall which) the report was shared via a link but not the attachments - I loved that part of the feature!

Thanks for always listening to our input and working to find viable solutions.

Blessings,

Loann

John Sauber

These are great suggestions. I think everyone is excited about update request enhancements coming this summer.

Regarding the sensetive columns, this would enable us to really tie in our vendors and customers to the operations where we collaborate. Thinking about the visibility concept in a generic sense, visibility is just a level of access or permission, analogous to read-only. Visibility along with editability controls on columns would really change how we collaborate with other organizations, by enabling us to control where they collaborate in our sheets.

When I think about our major sheets in this way, some staggering (read: exciting) possibilities open up for us.

Data Solution Consultant

Question for David : Are you planning to store medical data(HIPAA complicance) ?

If that is the case then following is regarding HIPAA compliance.

HIPAA Statement

Under HIPAA, certain information about a person’s health or health care services is classified as Protected Health Information (PHI). Smartsheet customers who are subject to HIPAA are advised to refrain from storing PHI in Smartsheet. Smartsheet does not enter into Business Associate Agreements (BAA).

It is available at the link

http://www.smartsheet.com/security-info

Data Solution Consultant

Also found the discussion regarding Restricting of sensitive data for non-HIPAA sensitive data at the link

https://community.smartsheet.com/discussion/restricting-sensitive-data

Shaine Greenwood

Hello all,

We've recently made a change to our policy on HIPAA compliance.

By entering in a business associate agreement (BAA) with Smartsheet and adhering to the Smartsheet HIPAA Implementation Guide, your organization can use Smartsheet in accordance with HIPAA.

To start the process of becoming HIPAA compliant with Smartsheet, please visit Smartsheet for Healthcare.