Arconda Systems Logo
de-DEen-US
Clientl�sung Serverl�sung
Clientl�sung Serverl�sung
Prozessmanagement
Prozessmanagement

Data Protection, Operational Co-determination

The storage of personal data as part of of the organisation of process support assumes that legal data protection requirements are adhered to and that the requirements of the participating operating bodies are implemented.

Function and data access rights

eControl differentiates between function and data access rights.  Function rights authorise the user to implement menu items or functions.  For every worker any number of data access rights can also be defined, and these stipulate which employee may read which data irrespective of the form or checklist.

Templates

A grouping of function and data access rights in templates makes it easier for the administrator to manage the users with similar task profiles.

Customer-specific authorisations

Forms and checklists are a reflection of the customer-specific processes. The right to fill in forms or parts of forms is defined by the processes and those responsible for the processes. eControl provides the definition and allocation of customer-specific rights - e.g. "material damage capture" and "material damage regulation".

Form and field authorisations

The use of forms is controlled as required by customer-specific authorisations. These customer-specific authorisations are also used to control user-dependently  the read and write permission for individual form fields.  Thus for example the read permission can be granted on behalf of the employee only for the management and the HR department - all other generally authorised employees may view this form but the form field "Name of employee" is shown with the comment "No Access".

Adverse trend analyses

The possibility of looking through 10,000 forms at the click of a mouse will cause concern in the area of operational co-determination. With eControl a timeframe can be specified for each user, which is provided for access to historical data.  Forms or checklists that do not or no longer fall within this timeframe do not exist for the user in question.

Release processes

eControl provides a release process where specially authorised employees confirm with their signature that the content of the form and checklists meets the requirements of data protection and operational co-determination.

Event-specific authorisations

On an administrative level eControl provides a robust and restrictive authorisation concept.  If an individual form or an individual checklist has to be seen or supplemented for technical reasons by one or more users, who usually have no access to the data of this owner, the owner may by releasing event-specific authorisations allow basic access to this single event. The advantage of this approach is that no far-reaching allocation of rights on an administrative level is necessary beforehand, in order to satisfy all eventualities.

Data protection in the database

eControl implements data access rights with regard to the database.  Every user is an independent database user (diagram), who may only see the content of the databank for which he has been previously authorised. Irrespective of whether the user has direct access to the database, whether interface programmes deliver or pick up data - the data base that is provided is always the one to which access has been explicitly granted.

It is therefore only possible to avoid the security mechanisms of eControl if the very high security standards of the underlying Oracle database are removed - eControl is therefore elevated to the security level of  the Oracle system.

This efficient and, for the software manufacturer, very expensive implementation technology has been firmly fixed since the specifications for the first version in 2006 and is one of the essential security standards.

Since 2008 eControl has been an official Oracle application, which provides special licences for Oracle where necessary.