OWL’s Classification & Access Rights module represents a foundational component within the platform, dedicated to the meticulous organization and safeguarding of data. This module not only classifies data based on its sensitivity or importance but also establishes a structured hierarchy of access rights tailored to organizational needs.
In summary, OWL’s Classification & Access Rights module plays a pivotal role in securing organizational data assets by systematically classifying information and establishing hierarchical access controls. Through robust RBAC, enforcement of security policies, auditing capabilities, scalability, and user education initiatives, the module ensures that sensitive information is protected against unauthorized access, breaches, and compliance risks. By integrating these measures into everyday operations, OWL empowers organizations to uphold confidentiality, integrity, and availability of data while facilitating efficient and secure data management practices.
• OWL Classification & Access rights refer to the permissions to individuals or entities to access specific resources within an organization’s information systems. These rights determine who can view, modify, or use particular data, applications, or services.
Steps to Access Classification and Access Rights:
1. Click Administration.
2. Click Data Access-Classification & Retention Policies-Compliance within the OWL Admin menu.
3. Click Classification & Access Rights.
4. This will open the Classification & Access Rights page.
• Three flags are maintained for Data Access Rights in OWL. Each flag has a different purpose, as shown in the screenshot below.
- Enable Data Access Rights:
Activates the Data Access Rights feature. When enabled, users will see the Data Access Rights field during record creation, allowing them to define access parameters.
- Enable Hierarchy Restriction:
Enforces a hierarchical structure for Data Access Rights. Access is governed based on the user's level within the organization, ensuring that permissions align with organizational roles.
- Make the Field Mandatory:
When this flag is enabled, selecting a Data Access Rights value becomes mandatory during record creation. This ensures consistent access control across all records.
Create Data Access Rights
Steps to Add Data Access Rights:
1. Click Administration.
2. Click Data Access-Classification & Retention Policies-Compliance within the OWL Admin menu.
3. Click Classification & Access Rights.
4. This will open the Classification & Access Rights page.
5. Click on the Add button on the page.
6. It will open the Add Data Access Rights page.
7. This page has two mandatory fields. Name and Description.
8. Enter the Data Access Right name inside the Name field.
9. Enter the short description about the Data Access Right you are creating.
10. Once both fields are entered, click on the Save button.
11. The Data Access Right will be created and will be displayed under the Data Access Rights main table.
Edit and Delete Data Access Rights
Steps to Edit and Delete Data Access Rights:
1. Click Administration.
2. Click Data Access-Classification & Retention Policies-Compliance within the OWL Admin menu.
3. Click Classification & Access Rights.
4. This will open the Classification & Access Rights page.
5. Click on the action menu from any Data Access Right that you want to edit.
6. Edit the name and description as required and click on the Save button.
7. The new changes will be reflected on the Data Access Rights page.
8. To delete an existing Data Access Rights, go to the action menu and click on the Delete Access Rights Level.
9. A reconfirm pop-up will show on the screen. Confirm delete again to delete the access right.
Records without Data Access Rights
When the Data Access Rights feature is enabled in OWL, administrators gain the ability to monitor and manage records that were created without assigned access rights. This ensures compliance and proper data governance across the organization.
Key capabilities include:
• Identifying Unassigned Records:
Records created without Data Access Rights are flagged and made visible to administrators for review.
• Centralized Access via Data Access Rights Page:
Administrators can locate and manage these records directly from the Data Access Rights page.
• Assigning Access Rights:
Once Data Access Rights are added to a record, it is removed from the unassigned list—reducing the count of non-compliant records for that type.
• Compliance Oversight:
This process helps administrators maintain organizational standards by identifying and correcting missing access configurations across all record types
Steps to view and update the Data Access Rights:
1. Click Administration.
2. Click Data Access-Classification & Retention Policies-Compliance within the OWL Admin menu.
3. Click Classification & Access Rights.
4. This will open the Classification & Access Rights page.
5. Within the Data Access Rights configuration page in OWL, administrators will find a dedicated section titled “Number of Records without Data Access Rights”, located just below the configuration flags
6. This section lists all available record types (e.g., Cases, Subjects, Forms, etc.). Beneath each record type name, a count is displayed indicating the number of records that currently lack assigned Data Access Rights.
7. Click on any count under a record type. This will open the pop-up to show all the records without Data Access Rights. Along with the Data access rights, it also shows all the other compliances, if present or not.
8. Click on the Action menu and click on Edit for any record you want to update the compliance.
9. It will show the case in editable compliance fields.
10. Update or add the compliances and click on Save.
11. This will save compliance and will not display again in the same pop-up.
12. When a compliance requirement is configured as mandatory within the organization, OWL visually flags this across relevant records.
13. In the record pop-up view, a red icon appears next to the compliance field that is marked as mandatory.
14. This visual cue helps administrators and users quickly identify missing or incomplete compliance entries, ensuring prompt action and adherence to organizational policies.
15. If the compliance is not mandatory, then a yellow icon will show for each record's compliance.
Related to