Top tips: how to improve data privacy
Around the world, there’s various pieces of legislation, both national and industry-specific, that organisations must comply with to protect the data they collect from any person visiting their site - visitors, employees, students, contactors; the list goes on. Lack of compliance can lead to tarnished brand image, failing audits and facing hefty fines.
Personal data is inevitably captured during any sign in process and in many situations holding critical information is necessary in the interests of safety and reporting - particularly when it comes to audits. However, it’s vital to ensure you have a balance between holding that information, while also respecting the privacy of your visitors and employees. This is where a visitor management system like Sign In App comes into play.
At Sign In App, we’ve always held the belief that our community should have total control over the data they collect from visitors and employees to allow them to comply with both local and industry regulations. Below are some tips on how to utilise our solutions to improve data privacy in your visitor management and employee sign in processes.
Choose where to store your data
The first step for ensuring your data is stored securely and you’re complying with relevant regulations is to choose where you’d like your data to be stored. Certain regulations may require you to store your data in a specific location. When taking out a subscription with Sign In App, you can choose from 6 regions to store your data in - UK, EU, US East, US West, Canada and Australia.
Choose the data you collect and how long it’s stored for
Sign In App is designed to be flexible; you can tailor the sign in process to your site’s requirements and collect the specific information you need from your visitors and employees. With custom data fields, you can customise the information you collect by group, allowing you to collect different information for different visitor types e.g. employees vs guests. When configuring groups, you can also set the data retention period to the length of time you need to store data for; after this time, personally identifiable information will be deleted automatically.
Hide visitor names
Sign In App has a variety of data privacy features built in to improve your visitor management processes, including the ability to hide visitor names. There’s a few ways you can hide visitor names when configuring sites through the online portal.
1. Disable autocomplete for returning visitors
When a visitor signs in, Sign In App automatically searches your site’s visitor history and presents a list of names that match theirs to speed up the sign in process. To improve your data privacy, toggle this option off to disable autocomplete and a list of names will not be shown.
2. Only show pre-registered names with an exact match
When pre-registered visitors arrive, a list of pre-registrations appear once they have typed 3 letters into the full name field. If you toggle the exact match option on, it won’t show a list of names and will only show a pre-registration when the full name is typed.
3. Hide visitors on the sign out list
On the sign out screen, a list of currently signed in visitors is displayed so your guests can locate their name and tap to sign out; there’s also a search option to quickly find their name. Ticking the option to hide visitors on the sign out list will require all visitors to search for their name to sign out.
Pin protect groups
In addition to your visitor data, it’s equally important to protect your employee data too. You can prevent members of the public accessing your employee list with pin protected groups. To set these up, when managing a group on the online portal, click “Data & privacy” and type a pin into the “4 Digit Pin” field.
Limit portal access
Sign In App’s online portal gives you insight into your site’s visitor history, evacuation list and allows you to manage your site settings from a desktop or laptop. To improve data privacy, ensure that your portal users only have access to information they require. To configure the permissions of your users, head to “Roles and permissions” when managing your account on the portal.
By default, “Administrators” have full portal access, including sites and events; “Standard users” have access to the Today, Evacuation list and Reports sections of the portal, but not to Manage. You can also create custom roles, giving you control over the access portal users have. To create a new role click ‘Add role’ and then provide a name; then select the permissions you need for the role - they will be saved as they’re added.
Further to limiting portal access, you may be required to collect sensitive or protected data that should only be visible to portal users with the highest level of access e.g. vaccination status. By setting up sensitive fields, the data provided will be encrypted so it’s not visible in the Sign In App database; only portal users with the user role Administrator or a custom role with ‘Manage Sensitive Data’ permission enabled can view and edit sensitive data fields for group members.
To set up a personal field that should be categorised as sensitive, head to Manage > Groups > Select group > Personal fields, click Add new and toggle ‘This field contains sensitive data’ on.