I am new to AirTable, and I LOVE it so far. I need the ability to set a junior staffer’s viewing/editing permission to see and edit some of the columns but not certain sensitive ones.
Is there a help topic I can read on this?
Or do I need to create a new related table or base for her which links to mine but I’ve taken out some columns?
thanks in advance.
Restricting view to sensitive columns
Hi, im also looking for a way to restrict access to some sensitive columns for specific users. We’re started using airtable as our main online database for our product.
Because there is GDPR directive by European union on the way, all of us must focus on security of personal records about all clients, freelancers or our employees… Right now we have columns with name, recipe and amount of money - together could be used for identification = personal records and we must manage them very carefully(restrict access for some of our employees).
This GDPR directive means that all companies must hide data (that could be used for personal identifications) for users they don’t need them for work. Or delete (anonymize) them if subject asks. And because payments and names are sensitive data id they are together in 1 table for analytics, we must anonymize or hide them because they are personal record…
Another problem is about our employees, vacations, tracked toggl times and hour pool of them. In this case I’m able to create for each employee specific view with datas related only to him. So there is hidden fields which are about others. And it’s OK for GDPR.
+4There are now several topics on here about granular permissions - it is absolutely vital - especially in the light of GDPR which doesn’t only affect EU users - but anyone holding data about EU citizens wherever they are.
The security will require both field/column based access control and also row/record level security - probably based on users / user groups.
I’m pretty sure GDPR will also require EU based servers as well.
Julian_Kirkness wrote:
There are now several topics on here about granular permissions - it is absolutely vital - especially in the light of GDPR which doesn’t only affect EU users - but anyone holding data about EU citizens wherever they are.
The security will require both field/column based access control and also row/record level security - probably based on users / user groups.
I’m pretty sure GDPR will also require EU based servers as well.
Fortunately, in our case, it’s business data, not individual people. + Basic data (not final) about our employees’ salaries.
EU based servers? I hope, USA-EU safe harbor agreement will be still valid. We’ll see what we will learn when implementing gdpr in our company :grinning_face_with_big_eyes:
Vaclav_Varilek wrote:
Hi, im also looking for a way to restrict access to some sensitive columns for specific users. We’re started using airtable as our main online database for our product.
Because there is GDPR directive by European union on the way, all of us must focus on security of personal records about all clients, freelancers or our employees… Right now we have columns with name, recipe and amount of money - together could be used for identification = personal records and we must manage them very carefully(restrict access for some of our employees).
This GDPR directive means that all companies must hide data (that could be used for personal identifications) for users they don’t need them for work. Or delete (anonymize) them if subject asks. And because payments and names are sensitive data id they are together in 1 table for analytics, we must anonymize or hide them because they are personal record…
That is only one of the points concerning us as European users. What about data storage? the gdpr request the data to be stored within the EU borders?
How does AirTable take care of this issue for it’s European users? What are the plans, timelines, etc. for gdpr compatibility?
+11Vaclav_Varilek wrote:
Fortunately, in our case, it’s business data, not individual people. + Basic data (not final) about our employees’ salaries.
EU based servers? I hope, USA-EU safe harbor agreement will be still valid. We’ll see what we will learn when implementing gdpr in our company :grinning_face_with_big_eyes:
The USA-EU safe harbour agreement has long since ceased to be valid…
https://www.wsj.com/articles/firms-shift-data-to-europe-as-safe-harbor-pact-ends-1446478648
The GDPR is a big concern for us as well. Especially the storage and permissions in databases will be decisive.
I am also deeply interested in restricting view of some columns.
Has there been any progress regarding this feature since discussion started?
Key feature for me.
Need to find alternative solution if not here.
+33Lukasz_Beczkows wrote:
I am also deeply interested in restricting view of some columns.
Has there been any progress regarding this feature since discussion started?
Key feature for me.
Need to find alternative solution if not here.
You would need to use Stacker to do this.
ScottWorld wrote:
You would need to use Stacker to do this.
True Stacker accomplishes this, but you give up too much in the process. My teams need to consume large amounts of information at a glance and the Grid view with colors etc is the way they like it. Stacker - if I understand it - takes your record and displays it as a form - we can’t click through thousands of records looking for the alert etc.
Reply
Most helpful members this week
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.