SBS - The Best Value in QMS software

How to implement Control of Employee Access to Client Data

D

deeparam

#1
Dear all,
Just came across a below given situation.

In my organization we deal with many clients, wherein creating MIS for the clients based on the inputs given by them. All the employees who are involved in creating a MIS have access to all the client information! (the employees are not restricted based on the clients) I’m wondering is this a risk or not. It seems that this is a business requirement; the business cannot allocate each employee for each clients

Please advice
Thanks in advance
Regards,
Deepa
 
Elsmar Forum Sponsor
U

Umang Vidyarthi

#2
Re: confused - how to implement access control!!!!

Dear all,
Just came across a below given situation.
In my organization we deal with many clients, wherein creating MIS for
the clients based on the inputs given by them. All the employees who
are involved in creating a MIS have access to all the client
information! (the employees are not restricted based on the clients)
I’m wondering is this a risk or not. It seems that this is a business
requirement; the business cannot allocate each employee for each
clients
Please advice
Thanks in advance
Regards,
Deepa
In vogue today is a 'single window' system for each client. If every one is entitled to have access to every client then the situation is fraught with cross communications, which could breed confusion.

Umang :D
 
J

John Martinez

#3
Do your employees sign a non disclosure agreement?
Are your employees allowed to bring personal portable media?
Are your employees allowed to transport customer data off site without encryption?
When several employees are working on one project, how do you control change management?
Has your IT department figured out how to restrict access to specific users?
You can restrict access to specific users for specific clients if your organization has different customer projects on different drives or servers.

IF ANY OR ALL NO, YES, BIG RISK.
 
Thread starter Similar threads Forum Replies Date
Anerol C What do I need to implement 7.6 Control of Measuring Devices ISO 9001:2000? General Measurement Device and Calibration Topics 1
A Tooling Control - Asked by our Customer to Implement a Procedure - Suggestions? Document Control Systems, Procedures, Forms and Templates 8
R Using R package to implement Bayesian phase I/II dose-finding design for three outcomes ISO 13485:2016 - Medical Device Quality Management Systems 6
R AS5553 Clause 3.1.7 f - "Implement a returns process....." AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Q AS9100:2016 D - Intent of 8.4.3 (K) - Implement QMS AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Y When will Notified Bodies require MedDev manufacturers to fully implement ISO 14971:2019? ISO 14971 - Medical Device Risk Management 1
S How to Implement COSO 2017 Framework Various Other Specifications, Standards, and related Requirements 0
M How to implement the 4M Change Management System Lean in Manufacturing and Service Industries 3
M Can I audit processes I've established but do not implement or maintain? Internal Auditing 6
S How to address and implement OH&S opportunities in ISO 45001:2018? Occupational Health & Safety Management Standards 12
J ISO 9001:2015 Cl. 8.1 - 'and to implement the actions determined in clause 6' ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
I How to implement ISO 9001:2015 for Construction Field ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Q Is it worth the effort to implement ISO 31000 Risk based on ISO 9001:2015? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
A How do we implement a Process Approach ISO 13485:2016 - Existing GMP QMS Other ISO and International Standards and European Regulations 2
Crusader Can I Implement AS9100 in 1 Department only? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
L How many working hours to required to implement ISO 14001 ? ISO 14001:2015 Specific Discussions 6
A Do we have to implement customer specific requirements? Customer and Company Specific Requirements 13
L Roadmap to implement Business Excellence by department Misc. Quality Assurance and Business Systems Related Topics 11
B How to implement a Nonconformance System in a Service Industry ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
R Does "establish, implement and maintain a procedure" require a Document - OHSAS 18001 Occupational Health & Safety Management Standards 1
W Working in a company where we try to implement ISO 27001 IEC 27001 - Information Security Management Systems (ISMS) 9
T What type of industries or companies that should implement PAS 55? Other ISO and International Standards and European Regulations 2
A What is QSB? How do you implement? What are your documents? IATF 16949 - Automotive Quality Systems Standard 4
B How to implement 4.2.4 - Disposition of Records in Electronic Files ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
T Metrics and Statistics for Improvement - Easy to implement Statistical Analysis Tools, Techniques and SPC 4
S How to implement protection for multi-winding transformer? IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
M My company wants me to implement ISO 17025 in our laboratory ISO 17025 related Discussions 7
C Which of these 2 ways would you implement a Quality System? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
B How to define and implement Configuration Management Document Control Systems, Procedures, Forms and Templates 5
K How Can I Implement the Process Approach in AS9100C AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9
D Implement ISO 22000 or E-Cristal System. Food Safety - ISO 22000, HACCP (21 CFR 120) 2
R How to implement Six Sigma within an IT-driven organisation? Six Sigma 14
A How to Develop and Implement 5S +1 Program Lean in Manufacturing and Service Industries 3
L Time Required to Implement ISO 27001 if ISO 9001 certified & SOX compliant? IEC 27001 - Information Security Management Systems (ISMS) 3
R What I have to do to implement ISO 9001:2008 till Registration and Certification? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
M How to Implement QMS for an Information Solutions company Quality Management System (QMS) Manuals 2
S Planning and Costs to Implement ISO / IEC 27000 - Where to start? IEC 27001 - Information Security Management Systems (ISMS) 2
K How to start Implement SPC for Injection Molding Process? Statistical Analysis Tools, Techniques and SPC 24
C Do you implement real SPC not just a paper work? Statistical Analysis Tools, Techniques and SPC 18
2 Trying to Implement a Manufacturing Engineer Concept to my Company Manufacturing and Related Processes 5
R How does my firm implement hybrid system? ISO 13485:2016 - Medical Device Quality Management Systems 5
M How to implement ISO/TS 16949:2009 when customers do not require PPAP? IATF 16949 - Automotive Quality Systems Standard 7
E Why to Implement or Not to Implement ISO 26000 (Social Responsibility) Other ISO and International Standards and European Regulations 14
bobdoering The CORRECT steps to implement an SPC chart Imported Legacy Blogs 16
J When to implement the Development and Design Clause 7.3? Design and Development of Products and Processes 18
M Want Help to Implement IMS (Integrated Management System)? Occupational Health & Safety Management Standards 7
M How to Implement the QHSE Integrated Management System Easy Steps? Occupational Health & Safety Management Standards 1
E Should FDA implement 3rd party (PMAs) reviews? What are the pros and cons of doing so Other US Medical Device Regulations 2
N Implement the Best Format and Set of Tools for Design For Six Sigma Six Sigma 7
K Which Australian Standard will help me implement OH&S in my business ? Occupational Health & Safety Management Standards 8

Similar threads

Top Bottom