Skip to main content
Answered

Limit access IT Administrator To Employee details

  • November 16, 2021
  • 9 replies
  • 256 views
B
Explorer
Forum|alt.badge.img

Dear Personio Support Team,

Would be possible to limit the access to the Employees Details by the Administrator? 

Is saw a question already about notes. But in my humble opnion as an IT admin I also feel I have no business in Salary information. And I think there may be more details that as an IT admin I should have no access to.

The simplest way would be to duplicate the admin Role and disable functions that IT should not have access to. But I noticed that Duplicating the Role of Administrator does not copy it’s access rights.

What is needed is a role that can perform all tasks but is restricted to view or edit sensitive employee details.

 

Thank you.

Best answer by Marc

Hi @Bjorn,

congrats on your first question in the community!

You are right: generally speaking, IT Admins don’t need as many access rights as an HR Admin in Personio. What you can do is to create an additional employee role and assign it only the access rights that you require.

From my experience with other customers, IT requires much fewer rights than what is preset in the admin role, which include several rights for editing HR related matters such as absences, attendance, salaries (as you already mentioned), and so on (for sure depending on what you need to set up in Personio).
So feel free to try out my suggestion.

If you see it a bit differently here, you can submit an idea that will be redirected to our Product Team as product feedback. If you do, you can explain why you want to be able to duplicate admin rights to another role as you describe.

Here is an article on how to post an idea in the community:


If there are any open questions from your side, feel free to ask. I am here to help.

Best wishes
Marc
 

View original
Daniele
1 person likes this
  • Daniele
    Daniele

9 replies

Marc
Former Personio Employee
Forum|alt.badge.img+12
  • MarcFormer Personio Employee
  • Former Personio Employee
  • 498 replies
  • Answer
  • November 17, 2021

Hi @Bjorn,

congrats on your first question in the community!

You are right: generally speaking, IT Admins don’t need as many access rights as an HR Admin in Personio. What you can do is to create an additional employee role and assign it only the access rights that you require.

From my experience with other customers, IT requires much fewer rights than what is preset in the admin role, which include several rights for editing HR related matters such as absences, attendance, salaries (as you already mentioned), and so on (for sure depending on what you need to set up in Personio).
So feel free to try out my suggestion.

If you see it a bit differently here, you can submit an idea that will be redirected to our Product Team as product feedback. If you do, you can explain why you want to be able to duplicate admin rights to another role as you describe.

Here is an article on how to post an idea in the community:


If there are any open questions from your side, feel free to ask. I am here to help.

Best wishes
Marc
 

Daniele
1 person likes this
  • Daniele
    Daniele
B
Explorer
Forum|alt.badge.img
  • BjornExplorer
  • Author
  • Explorer
  • 12 replies
  • November 17, 2021

Thanks for your anwser Marc,

We have set up a IT Role. But for that role we find ourselves unable to add the right to, for example, create or edit roles. Which we think could very well be a task for IT. Could be we are not looking at the right place but the option to create / edit roles seems not to be there.

 

regards Bjorn

Vida
1 person likes this
  • Vida
    Vida
Marc
Former Personio Employee
Forum|alt.badge.img+12
  • MarcFormer Personio Employee
  • Former Personio Employee
  • 498 replies
  • November 18, 2021

Hi @Bjorn,

there are a few rights that are exclusively for the admin role and editing employee roles is one of those. 

The reason for that is that theoretically someone with a limited role but with access rights for editing roles could easily just change their own role settings and that is not intended.

Best regards
Marc

Daniele
Vida
2 people like this
  • Daniele
    Daniele
  • Vida
    Vida
B
Explorer
Forum|alt.badge.img
  • BjornExplorer
  • Author
  • Explorer
  • 12 replies
  • November 18, 2021

I completly understand that. But the current work around is giving that someone admin rights. Which imho is worse.

For now i will submit a request for that. Thanks for you answers an time.

 

regards Bjorn

Daniele
Vida
A
3 people like this
  • Daniele
    Daniele
  • Vida
    Vida
  • A
    AnnV
Daniele
Community Admin
Forum|alt.badge.img+23
  • DanieleCommunity Admin
  • Community Admin
  • 954 replies
  • November 18, 2021

Here is @Bjorn’s idea.

If anybody is interested in this setting, make sure to open it and upvote it:

 

https://community.personio.com/ideas/be-able-to-create-a-limited-administrator-roll-for-it-596

 

Best,
Daniele

Vida
1 person likes this
  • Vida
    Vida
A
Follower
Forum|alt.badge.img
  • AnnVFollower
  • Follower
  • 5 replies
  • February 28, 2023

Hi! 

Has there been any updates on this topic since Nov21? 

Is there any work around to get access to roles without getting the direct access to see Salaries etc.?

B
Explorer
Forum|alt.badge.img
  • BjornExplorer
  • Author
  • Explorer
  • 12 replies
  • February 28, 2023

Hi Ann,

 

I havn’t heard of any updates from Personio. :(

B
Explorer
Forum|alt.badge.img
  • BjornExplorer
  • Author
  • Explorer
  • 12 replies
  • June 14, 2023

Anyone from Personio who can give a status update on this one?

Andrea
Former Personio Employee
Forum|alt.badge.img+16
  • AndreaFormer Personio Employee
  • Former Community Admin
  • 1123 replies
  • June 20, 2023

Hello everyone, 

At the moment there is no update for this functionality, and it is not yet on our roadmap. This is a complex improvement with no straight forward solution, since giving access rights to someone to be able to add and adjust employee roles, would mean, that they can give themselves access rights. This is why at the moment only admins, who anyway have access rights to all the account, are the only ones able to create and adjust employee roles. I hope this makes it a bit more clear why this functionality is not being prioritized at the moment. 

@AnnV you asked the following “Is there any work around to get access to roles without getting the direct access to see Salaries etc.?”. So the answer here would be that it is currently not possible to be able to adjust and add new employee roles without having access to salary information. Nevertheless, you are able to grant employees access rights to assign and unassign employee roles to others: 

 

I hope this information is helpful. Let me know if you have any further questions.

Best,

Andrea

Please beware that moderators may modify the title of your posts to make them easier to find for other users
Daniele
1 person likes this
  • Daniele
    Daniele

Your reply


Most helpful members this week

Terms & Conditions of the Personio Voyager Community