Client data that is secured by a client access group can only be seen by staff with access to the client access group.
Providing Access Through Staff Attributes
Granting access by organizational unit or position allows for less maintenance, but gives less precise control. Including or excluding some staff in various groups may be required. An advantage of granting access through attributes is that new staff or staff whose attributes change are automatically granted access according to their organizational unit or position.
Larger firms may find this method satisfies most of their client security requirements. It fits well where there are many clients who require security, many staff who need access to those clients, and newly hired staff who require access.
Providing Access to Specific Staff
Including or excluding staff gives precise control over access to secured clients, but requires maintenance if staff assignments change. Clients and staff may have to be removed from one access group and placed into another group.
Smaller firms may find this method satisfies most of their client security requirements. It fits well where there are a small number of clients who need to be secured and a small number of staff who require access.
Which Method of Granting Access Is Best?
One method is not necessarily better than the other, regardless of the size of your firm. Some smaller firms with several preparers working with a large shared pool of clients will find granting access by attributes is best. Some larger firms who want the precise control provided by specific staff selection will find that method best.
Many firms will find that granting access through attributes is an efficient way of handling most staff, but the precision of specific selection is best for some staff who have specific access considerations.