<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.Default, li.Default, div.Default
{mso-style-name:Default;
margin:0in;
margin-bottom:.0001pt;
text-autospace:none;
font-size:12.0pt;
font-family:"Calibri",sans-serif;
color:black;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle21
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal">Dear Natalie,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">First off, welcome!<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Your mention of our training materials and the implications of this particular permission for the UK Data Protection Act and GDPR made us look to see what was happening in the application. As far as we can tell, all permission levels with
access to view agent records have been able to view the contact details part of the record. This is clearly not what was intended, given how this was written up for the purposes of training and the user manual. And we know it’s an even more important feature
now given international laws around securing personal information.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’m pleased to say that one of our developers was able to determine what was wrong and to add a specific permission for viewing the contact details part of an agent record. This permission will be automatically included for the out-of-the-box
permission levels above Advanced Data Entry users and also selectable if high level users want to include it for other permission groups (and de-selectable if people don’t want it included for the permission groups for which it comes automatically). This feature
will need additional testing, but assuming it passes muster, we anticipate including it in our next release, which will come out later in the summer. We’ve added a JIRA issue (<a href="https://archivesspace.atlassian.net/browse/ANW-910">https://archivesspace.atlassian.net/browse/ANW-910</a>)
and work can be tracked there.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks for bringing this oversight to our attention. We typically can’t make changes to the application as quickly as this, but I’m glad it was possible in this case.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Christine<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">Christine Di Bella<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">ArchivesSpace Program Manager<o:p></o:p></span></p>
<p class="MsoNormal"><a href="mailto:christine.dibella@lyrasis.org"><span style="font-family:"Arial",sans-serif">christine.dibella@lyrasis.org</span></a><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">800.999.8558 x2905<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">678-235-2905<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">cdibella13 (Skype)</span><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><img border="0" width="267" height="61" style="width:2.7777in;height:.6388in" id="Picture_x0020_1" src="cid:image003.jpg@01D5280B.698569C0" alt="ASpaceOrgHomeMedium"><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> archivesspace_users_group-bounces@lyralists.lyrasis.org <archivesspace_users_group-bounces@lyralists.lyrasis.org>
<b>On Behalf Of </b>na207<br>
<b>Sent:</b> Tuesday, June 18, 2019 10:11 AM<br>
<b>To:</b> archivesspace_users_group@lyralists.lyrasis.org<br>
<b>Subject:</b> [Archivesspace_Users_Group] Users with basic data entry credentials and access to agent contact details<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-GB">Dear all,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">This is my first message to the user group- I’ve been making great use of the list’s archives and am hoping someone may be able to help with my question.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">I’m working through issues concerning sharing personal data about living individuals in ArchivesSpace- seeking to ensure that personal data is only accessible and shared if necessary and appropriate to comply with the
UK Data Protection Act and GDPR. <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">We were lucky enough to receive 2 days training on ArchivesSpace last summer and our training notes about the types of user record set out the following :<o:p></o:p></span></p>
<p class="Default"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="Default"><b><span lang="EN-GB" style="font-size:11.0pt">Basic Data Entry Staff:
</span></b><span lang="EN-GB" style="font-size:11.0pt">Has no application customization permissions;
<u>is unable to read or write name contact information</u>; has read-only access to Accession, Digital Object, Agent, and Subject records, has read/write permissions on Resource records.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">I have just set up a test user account and given it basic data entry privileges. When I log in as that user I can view (but not edit) agent records including contact information. The agent records have been created by
the repository to which the test user belongs but the test user can also see contact details of agents created by another repository.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">I have looked at the ‘manage groups’ menu to check what basic data entry users can do, and found that the following boxes only are checked:- create/update resources in this repository; create/update digital objects in
this repository; view the records in this repository; create and run a background job. It doesn’t look as though there is another box I could tick to limit access to contact information.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">I may be missing something obvious but is there a way to limit access to contact information in ArchivesSpace? I would be very grateful for any assistance,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Best wishes,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Natalie<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-GB" style="mso-fareast-language:EN-GB">Natalie Adams<o:p></o:p></span></b></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-GB">Systems Archivist<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-GB">Cambridge University Library<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-GB">West Road<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-GB">Cambridge<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-GB">Cambridge, CB3 9DR
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-fareast-language:EN-GB">Tel 01223 766377
<o:p></o:p></span></p>
<p class="MsoNormal"><a href="http://www.lib.cam.ac.uk/"><span lang="EN-GB" style="mso-fareast-language:EN-GB">www.lib.cam.ac.uk/</span></a><span lang="EN-GB" style="mso-fareast-language:EN-GB"><o:p></o:p></span></p>
<p class="MsoNormal"><i><span lang="EN-GB" style="mso-fareast-language:EN-GB">Normal working days are Monday-Wednesday<o:p></o:p></span></i></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
</div>
</body>
</html>