NOTE: View the New Admin Experience version of this article.
Providing personal information is often a necessity to use or even access many modern websites, like Facebook, Twitter, LinkedIn, and even our Higher Logic platform. Because of this, data privacy is of paramount importance to today's Internet consumers.
Understanding this, the Higher Logic platform gives Super Admins complete control to:
- set default privacy settings for all of your members,
- restrict access of Higher Logic staff to your site,
- restrict the types of personal information that can be viewed and exported in reports across your site,
- and manage GDPR compliance for your members.
NOTE: Each Higher Logic user can manage their own privacy settings from their Profile > My Account > Privacy Settings page (refer to the Privacy Settings section of the Manage Your Inbox & Account Preferences page for more information).
Accessing Data Privacy options
Super Admins can manage the available data privacy options in the Admin interface:
- Click Admin in the Webmaster Links menu.
- Click Admin.
- In the Data Privacy section, you can manage the following privacy settings for your staff and members:
As a Super Admin, you can control the visibility of PII that displays in reports and exports run by Community Admins and/or members (there are several areas where these users can export user information, like the Member Directory or Community Admin reports).
On this page, you can control what personal information should be excluded in these reports by toggling their associated fields ON/OFF. For example, if you toggle Email Address and Phone Numbers off, this information is excluded from all Higher Logic reports and exports, even if a user's profile privacy settings are set to show this information.
1. These settings do NOT impact what's displayed on a user's profile (each user has full control over their own privacy settings).
2. PII data is always included in reports and exports by Super Admins (i.e., even PII that is toggled off is included).
Higher Logic access
This feature allows you to manage Higher Logic staff access your site. You can limit Higher Logic staff access to generic accounts with the role of administrator, member, or non-member. Access to those accounts is granted to a department or to an individual.
NOTE: All logins by Higher Logic staff are audited and logged in the Impersonation Log report. To view this report, navigate to Admin > Reports > Logins.
Higher Logic staff typically only access your site to:
- Prepare your site for go-live during the implementation process
- Address customer support cases
- Reproduce and validate product issues
However, our goal of providing support must be achieved in accordance with your organization's privacy wishes. Because of this, Super Admins can establish the guidelines for Higher Logic access to your site in the following three areas:
1 - Login Session Length
This is where you can designate (in minutes) how long Higher Logic staff can access your site (if you allow them to access it at all).
2 - Departmental Access
Here, you can set a specific access level for each Higher Logic department:
- Customer Support - Staff who provide assistance by answering your support tickets.
- Quality Assurance - Staff who review updates to the software to ensure they meet our quality standards.
- Sales and Marketing - Staff who explain our software and what we offer to clients (and prospective clients).
For each department, you can restrict access altogether OR set one of three user roles to control their level of access to your site's content and your member's information:
- Member - Grants Higher Logic staff the same level of access as one of your members.
- Non-Member - Grants Higher Logic Staff non-member access to your site (i.e., they can only view public content).
- Administrator - Grants Higher Logic staff Super Admin access to your site (i.e., they can access everything).
NOTE: To restrict access, simply uncheck all three user roles.
3 - User Access
In certain situations, you may want to give a specific Higher Logic staff member access to your site (e.g., they need additional access permissions to address a support ticket). If so, click Add, select the staff member, the time period they'll have access, and their level of access.
Any Higher Logic staff with active sessions are listed here, along with the start and end date of their session, the role(s) they have been given, and any actions they've performed.
1. Any changes made on this page are sent to all Super Admins via the Higher Logic Staff Access Changed Notification email. To view or update this email, navigate to the Admin > Communities > Email Templates page and select the Data Privacy category.
2. All Higher Logic staff access is logged in the Impersonation Log report. To view this report, navigate to Admin > Reports > Logins.
3. Higher Logic staff are limited to read-only access to this page (i.e., they cannot change your privacy settings, only view them).
Impersonation is often used by Super Admins to perform an action on behalf of a member at his/her request. It's also often used to troubleshoot reported problems that are difficult to recreate in other ways due to unique data/user-specific conditions.
In this section, you'll learn how to configure whether the impersonation feature is ON or OFF. When turned on, you can control whether all or only a selection of Super Admins can use it, as well as how long each impersonation session can last.
NOTE: Higher Logic staff cannot impersonate a specific user on your site: We can only use the generic Member and Non-member impersonation options. This may necessitate screen-sharing and other techniques to resolve issues that we were able to troubleshoot through impersonation in the past.
1. By default, the ability to impersonate is not available, but Super Admins can turn it on or off at any time, and even turn it off permanently (if turned off permanently, you must submit a support ticket to Higher Logic to turn it back on).
2. If impersonation settings are changed, the Impersonation Settings Changed Notification email is sent to all Super Admins. Refer to the Admin > Communities > Email Templates page and select the Data Privacy category to view/update this email.
3. The Member Impersonation Notification email is sent to users when their account is impersonated. Refer to the Admin > Communities > Email Templates page and select the Data Privacy category to view/update this email.
4. The first time the impersonation tool is used by an authorized admin, they'll be required to agree to the Impersonation Terms and Conditions, which can be configured on the Admin > Users > Terms and Conditions > Module page (see Page-specific Conditions for more information).
5. All impersonation instances (including by Higher Logic staff) are logged in the Impersonation Log report. To view this report, navigate to Admin > Reports > Logins.
Manage Compliance (GDPR)
The GDPR is a new legislation put into place by the European Union to strengthen data protection by regulating how organizations and individuals obtain, store, use, and dispose of personal data. Higher Logic's Online Community compliance tools help support your organization’s compliance with the new GDPR regulations going into effect on May 25, 2018.
On the Manage Compliance page, Super Admins can search for and manage users' PII associated to your Higher Logic Online Community.
Please see GDPR Compliance to learn more about GDPR and the tools available to you for managing GDPR compliance within the Online Community and Marketing Automation platforms.
This link re-directs to the Admin > Users >Profile > Privacy Defaults page. See Default Privacy Settings for more information.