You can control access to your organization's data by assigning user roles. Most members of the organization should be granted the employee role.
Assigning roles to the members of your organization should be a thoughtful process and follow the principle of granting users only the permissions they need and no more than that. For a number of roles, including members of HR, recruiting, finance, IT, and more, additional permissions may be appropriate, depending on the needs of your organization.
For example, a department head will have access to sensitive data, such as compensation, for all of their reports and their reports' reports, all the way down the tree, but would not receive access to the data of peers or those in other departments.
ChartHop Premium customers can work with their ChartHop representative to further customize the permissions associated with roles as necessary. Users of ChartHop Basic and ChartHop Standard can only use the default roles that ChartHop provides.
Role | Description |
Employee | Allowed to see their own personal information and the sensitive information of anyone in their reporting line. This is the default access level, appropriate for most members of the organization. |
Employee (no comp data) | The same access as an employee but without permission to view compensation data. |
Compensation viewer | Same as an employee but can also see compensation data. |
Guest | Can view org public data. Recommended for users outside the organization. Users who are org members can also see their own personal data, but not the sensitive data of individuals in their reporting line. |
Org editor | Access to all sensitive data including compensation, with the ability to edit and make permanent changes to the primary environment. Does not have admin capabilities such as the ability to install applications or change organization-wide settings. |
Owner | Allowed full access to everything, including the ability to change user permissions, configure integrations, and alter organization-wide settings. Because of the scope involved, this access should be tightly restricted. |
Recruiting Editor | Same as an employee and can view and edit open jobs and merge scenarios. |
Recruiter | Allowed to view sensitive information about open jobs only, including target compensation levels and viewing all sensitive data. Not allowed to make changes to the primary timeline, or access sensitive information about current employees other than those they manage. |
Sensitive data viewer | Same as an employee but can also see all sensitive data, including for those outside of their reporting line. |
Technical owner | Allowed to manage user permissions, configure apps and integrations, update custom fields, and alter organization-wide settings. However, they do not receive direct access to sensitive people data in the application. Because of the ability to configure data access and API keys, a Technical Owner could indirectly establish access to sensitive data (although such activity would be auditable), so this role should be granted with care to appropriate IT staff. |
The following permissions are associated with each built-in role. Customers who have ChartHop Premium can work with ChartHop technical support to customize roles for their organization.
Permission | Description | Associated with role |
Standard access | | All roles |
Hide compensation | Cannot view any compensation data. | Employee (no comp data) |
Hide all sensitive data | Can't view any sensitive data. Sensitive data includes: compensation, personal contact, and so on. | |
View time off | Can view time off information for all employees. | |
View personal contacts | Can view personal information for all employees. | |
View cash compensation | Can view cash compensation for all employees. | Compensation viewer |
View equity compensation | Can view equity compensation for all employees. | Compensation viewer |
View all open jobs | Can see all open jobs. | Recruiter |
View and edit all open jobs | Can view and edit all open jobs. | Recruiting editor |
View all sensitive data | Can view all sensitive data for all employees. | |
Manage fields | Can add, edit, delete and organize fields. | Technical owner |
Manage apps | Can install, configure and uninstall apps. | Technical owner |
Manage forms | Can add, edit, and delete forms. | Technical owner |
Manage users | Can add, edit, and delete users. | |
Manage groups | Can add, edit, and delete groups. | |
View and edit all org data | Can view and edit all org data for all employees. | Owner |
Merge scenarios | Can merge scenarios. | Recruiting editor |
Administrator | No restrictions. | Owner |
Sometimes some of the above permissions may need to be limited to a certain department or set of departments. For example, a recruiter who focuses on sales roles may not need to access compensation for all open roles; they might only need access to the Sales department.
Mark the Department Limited option in the user access dialog to add this restriction, and select the departments that the special access should be limited to. For roles in other departments, the user will have Member View.
If you have more complex rules for access than restricting by a particular department, you can check Custom Filter Limited and create a filter.
For example, if you want a People Partner to have sensitive access to everyone in the New York office, but exclude executives and members of the Human Resources department, you could use the filter:
location:"new york" !team:executives !department:"human resources"
Be sure to test filters to ensure that the permissions line up as you expect. You can click the Test button to retrieve a list of people and jobs matching the filter.
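As an added example (not ChartHop code), the sketch below models the filter above locally and runs it against a constructed roster, so the expected inclusions and exclusions can be written down before comparing them with what the Test button returns. It assumes space-separated terms are ANDed, `!` negates a term, and matching is case-insensitive; the record field names and helper names are hypothetical.

```python
import re

# One term: optional "!" negation, a field name, then a quoted or bare value.
# Simplified model of the filter syntax (assumption, not ChartHop's parser).
TERM = re.compile(r'(!?)(\w+):(?:"([^"]*)"|(\S+))')

def parse_filter(expr):
    """Return [(negated, field, value)]; reject anything left unparsed."""
    terms = [(neg == "!", field.lower(), (quoted or bare).lower())
             for neg, field, quoted, bare in TERM.findall(expr)]
    if TERM.sub("", expr).strip():
        # Fail closed: a mistyped filter must not silently widen access.
        raise ValueError(f"unparsed text in filter: {expr!r}")
    return terms

def matches(person, terms):
    """Every term must hold (assumed AND semantics)."""
    for negated, field, value in terms:
        hit = str(person.get(field, "")).lower() == value
        if hit == negated:  # excluded value present, or required value absent
            return False
    return True

def audit(expr, people):
    """Return (names granted, names granted with a blank excluded field)."""
    terms = parse_filter(expr)
    granted = [p for p in people if matches(p, terms)]
    excluded = [field for negated, field, _ in terms if negated]
    unverified = [p["name"] for p in granted
                  if any(not p.get(f) for f in excluded)]
    return [p["name"] for p in granted], unverified

# Constructed roster; names and field values are made up for this example.
PEOPLE = [
    {"name": "Ana", "location": "New York", "team": "Platform", "department": "Engineering"},
    {"name": "Ben", "location": "New York", "team": "Executives", "department": "Finance"},
    {"name": "Cy", "location": "New York", "team": "People Ops", "department": "Human Resources"},
    {"name": "Dee", "location": "Boston", "team": "Platform", "department": "Engineering"},
    {"name": "Eli", "location": "New York", "team": "", "department": "Sales"},
]
FILTER = 'location:"new york" !team:executives !department:"human resources"'

if __name__ == "__main__":
    print(audit(FILTER, PEOPLE))
```

In this model Eli is granted access because a blank team field passes the `!team:executives` exclusion, so the set of people you test a filter against should include records with missing fields.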