OverviewUser data is the core asset underlying user experiences, member interaction and content creation. Rights to view and download user information are regulated across Higher Logic products. Super Admins and users themselves manage privacy settings for the information associated with user profiles. Impersonation, the ability of an Super Admin to assume the role of another user, is a highly-managed role reflecting the sensitivity of acting and interacting on behalf of another person. The ability of Higher Logic staff to access user information is regulated by Super Admins and provided to specific subsets of Higher Logic employees based on role.
Profile PrivacyAll areas of the user profiles have unique privacy settings. A user can make their email address public while making their profile picture visible to no one but themselves. Super Admins can disable, enable and establish the default profile privacy settings for all users on the Users>Profile>Privacy Defaults page of the Admin site (this page is also linked under the Data Privacy). For every unique element the privacy default can be set to My Contacts, Members Only, Public, or Nobody (only me).
Users can modify the defaults for each unique profile section via their Profile>My Account>Privacy Settings page. Users can also opt out of the directory and display within community rosters on this page.
ImpersonationImpersonation is a powerful tool allowing an administrator to assume logged-in status as another user. It is generally used to troubleshoot or create content on behalf of a user. When established, impersonation is only possibly by Super Admins and achieved via buttons associated with user profiles. The Tools>User Details/Impersonation page of the Admin site also allows impersonation when established.
Several enhancements to impersonation became effective on November 19, 2015:
• Impersonation is off by default. It may be changed to On or Permanently Off. Permanently Off should be used if your organization never wants their staff using impersonation. It may only be activated again through a support ticket.
• A specific subset of Super Admins can have impersonation rights.
• Email is sent to all Super Admins when impersonation settings are changed. This email is based on the Impersonation Settings Changed Notification template in the Data Privacy template category.
• Email is sent to users when their account is impersonated. This email is based on the Member Impersonation Notification template in the Data Privacy template category.
• Impersonation occurs only for a specific period of time. The length of impersonation sessions is determined by configuration.
• Initial impersonation by any Super Admin will require agreement with new Impersonation Terms and Conditions. These can be modified, and are found in the Admin site under Users>Terms and Conditions>Module.
• A report of all impersonation actions is now available. This is linked in the page-top help text of the Admin Site's Data Privacy>Impersonation page.
• Higher Logic staff will not be able to impersonate any user for any client.
Settings to achieve the desired impersonation experiences are established on the Data Privacy>Impersonation page of the Admin site. Higher Logic staff have read-only access on this page, and cannot manage or establish impersonation settings.
Higher Logic AccessAs a company of people dedicated to exceptional service and products, Higher Logic prides itself on the ability to help everyone get the most from what we offer. The goals of providing support, ensuring quality products, and telling others what we do must be achieved consistent with client data privacy wishes. For this reason, the ability of Higher Logic staff to login to any site is determined by configuration by Super Admin staff.
The Data Privacy>Higher Logic Access page of the Admin site allows Super Admins to establish the guidelines for Higher Logic staff interaction on all websites for a given client.
Login Session LengthWhen permitted to login, the length of the login period for any Higher Logic staff member is established by Super Admins.
Departmental AccessThe various teams of Higher Logic staff can have unique access settings. The following Higher Logic staff functions can have access rights individually managed:
• Customer Support – Higher Logic staff charged with providing assistance through support tickets
• Quality Assurance – Higher Logic staff charged with reviewing changes to the software
• Sales and Marketing – Higher Logic staff charged with informing clients and prospective clients of what we offer
Each of these three staff teams can have rights to login as specific users set individually.
For each of these teams, three user roles - Administrator, Member, NonMember – can be established as possible experiences to assume. This allows clients to manage the ability of Higher Logic staff to access user data and content created on the website. If the desired goal is to not allow IsMember protected information to be accessed by a Higher Logic staff team, the role of Non-Member is appropriate. If staff teams are allowed to access IsMember information but not all user data, the roles of both Member and Non-Member are likely appropriate selections. Where a client is comfortable sharing all user information with Higher Logic staff, all roles – Super Admin, Member and Non-Member – may be appropriate.
User AccessSpecific Higher Logic staff members can have individual access settings established under the User Access area of the Higher Logic Access page. These user specific settings are established for a limited time period. It may occur that a Higher Logic Support Team member cannot effectively address a support ticket due to login settings. In these cases the Higher Logic staffer will contact the client admin informing of the current limitation. Allowing additional access for the specific Higher Logic staff person working on the support ticket may be desired in these circumstances.
Any changes to this page are announced to all Super Admins via email. This email is based on the Higher Logic Staff Access Changed Notification in the Data Privacy template category. Regardless of the access settings, Higher Logic staff will treat your data confidentially. Higher Logic staff have read-only access on this page, and cannot manage or establish settings on the Higher Logic Access page.
There are several points of access where users can export user information, such as the member directory or Community Admin reports. Super Admins can determine which PII data should be excluded from the reports and exports by Community Admins and/or end users. Please note that PII data will always be included in reports and exports downloaded by Super Admins.
Super Admins can configure these settings via Admin > Data Privacy > PII Access.
The defaults are indicated below in the screenshot. Please update the PII settings per your organization’s preference.