You are viewing limited content. For full access, please sign in.

Question

Question

Add redactions but not then see through them?

Laserfiche Workflow
Updated September 13, 2018
asked on April 15, 2016

Hi,

We have had a request relating to redactions and I wondered if it would be a desirable or feasible feature to implement.

The client would like to allow users within a particular security group to add redactions to documents but then not see through them, or remove or edit them. Effectively they would become permanent to those users once added.

Currently a user cannot redact a document without having the "See through redactions" right. I can see the logic with this but wondered if there were a way to achieve what the client is requesting.

We could probably use workflow to retrospectively remove the "See through redactions" right for certain users but if there is a better way, or any plans to change the current behaviour we'd be keen to hear those.

0 0

Replies

replied on April 15, 2016 Show version history

Hi Nigel,

Can you elaborate on the scenario behind this? The user obviously could see the contents prior to the redaction being applied in order to create it in the first place. Why now would we be looking to block it from them immediately afterwards? That would help us to determine if this is a desirable feature. 

(Or is the concern less that they can see them, and more that they become permanent?)

0 0
replied on April 15, 2016 Show version history

Most of the time we have corrected this using workflow. There are two main ways that we do this:

 

1) When a user adds a document, it goes into a "working" area that allows someone to see through redaction and make any needed redaction. At this time the user also adds/changes initial metadata so that it is routed further along in the process. Whatever folder your workflow routes it to at that point will not have the see through redaction right. The main drawback with this is that the end user cannot add additional redaction at these later steps. 

 

2) Another approach is to have a field that can be selected on the document called "Redaction Changes Needed"  (with an optional field to add a reason). Then you can use workflow to grant that user to the see through redaction right to this specific document. We generally add a timer onto this workflow that removes this right after 15 minutes automatically. This gives them plenty of time to make and save any redaction changes they need. 

This 2nd approach also works well as a Business Process if you don't care about the reason, or want to use a list of generic reasons (i.e. you create multiple copies of the BP that say something like "Need to redact XXX" ). This sort of thing is actually pretty common in other systems for things like social security numbers, and is usually audited to make sure it's not being abused. 

 

 

Many times we've actually combined these two - someone does all of the initial metadata entry and redacts items then later there's a system that if someone has a buisness reason to see the redacted items they can grant themselves access with the knowledge that they are being tracked. 

0 0
replied on April 18, 2016

My assumption is that certain data within a document has become sensitive and they would like to minimize risk of that information being shared in the future by using redactions. However that data should now also be hidden from regular staff in the long term but in the short term they would like regular non privileged users to be able to perform that redaction rather than rely on superusers (with the see through redactions right) to do this.

It does seem slightly odd in that a user is effectively permanently redacting data they can currently see, but then not see it again. If the redaction was made in error then it would be difficult to correct.
 

0 0
replied on April 18, 2016

That's always a tradeoff in these situations. However if they were doing this with a paper process then any redactions would have been made with a black marks-a-lot pen so it's not a whole lot different. If they were serious about security pre-laserfiche, old documents were probably kept in separate access controlled areas. 

 

If you change the security so that no one but Laserfiche workflow has the see through redactions right then you have the option to unlock it later through a workflow process, which is better than what they before with a paper process. That's why many times when I have built this I've had to put in a reason field for them to put a note as to why they needed to see through the redaction. 

 

There are regulations in some industries where this isn't even an option, and you have to make the redactions permanent. But again, this is really no different than what they did with a paper process. 

0 0
replied on November 1, 2017

Hi,

One of my client also has requested for the same functionality, ability to redact and never see through them. They are a law firm and need it as a part of their privacy policy. I understand that they can see it when the document is initially scanned but it is more like a precautionary policy as they would like to minimise the possibility of a breach. 

Is there a particular way in which we can achieve this ?

 

Thank you.

 

Bipin Nambiar

0 0
replied on September 12, 2018

I am following this post. I also have a customer that needs to be able to redact, but not able to see already redacted documents in the same folder. Please let me know if there is a work around that does not require moving to different folders.

 

0 0
replied on September 12, 2018

Hi Crystal, 

You can always set the rights to see or not see through redactions directly on the documents themselves, generally through workflow. You'd need this to be part of some sort of process for workflow to know that it's time to change the security, but that is always an option for this type of scenario. So, for example, maybe the state of the document changes such that it's now past the 'initial filing and review' stage (which one of the earlier comments referenced). Then, when some trigger happens indicating that it's no longer in that stage, the ability to add and see through redactions could be removed. 

1 0
replied on September 13, 2018

Ok I was just wondering if the process was possible not using Workflow.

0 0
replied on September 13, 2018

Is the idea that there is only ever one redaction on the document and then it's immediately made locked down? What if redactions need to go on multiple pages, or multiple redactions on one page, etc. The problem is, how does the system know when it is 'done'? 

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...