Privacy on contacts

[sgeulette]

Hi,
we use contacts in our internal applications.
We manage in the same directory external contacts but also internal contacts, professional data but also private data.
Actually each employee can access to all contacts and all data.
Regarding the GDPR, we have to limit data access: you can only access data if it is necessary for your job.

I see 2 solutions:

1. restrict contact access following usage context but it limits the approach of a global directory. Duplicates can appear (if you don't see a contact, you will create a new one).

2. show by default a limited set of data and add a button on which the employee can click to show the full set of data. => The employee is responsible of his action and we can log it.

I think the second solution is the better one.

Those restriction would depend of an option:

• see all
• demand confirmation to see a set of private data

What do you think it about ?

@cedricmessiant @tdesvenain @vincentfretin @ebrehault @frisi @gbastien @bsuttor

[frisi]

sorry for the late response - i was on holidays ;-)

i also think that splitting up the directory in subfolders (something we did at our project to group
contacts for different persons in charge) is not the best approach. we can't use the fancy widgets but do not use positions and organizations at all....

solution 2 though, seems hacky to me too (maybe i misunderstood parts of your question)

why not restrict certain fields to one or more permissions ?
eg contact.core.AccessAddressData (and others if/where it makes sense)

view templates show all data if user has the necessary permission and leaves them out if not.
edit view should take care too that only editable fields are shown.