InterAction’s Data Change Management features are designed to let your site control the changes that users make to firm contacts when working in the Web Client, while at the same time allowing users as much flexibility to contribute to the database as possible. The Data Change Management rules provide a separate set of security on firm contacts by examining the changes that users make and determining what to do with the changes. For each change handled by the process, one of three outcomes can take place:
- The change can be accepted without any further review.
- The change can be made in the system, but also sent to a data steward for further review.
- The change can be submitted to a data steward. In this case, the change doesn’t take place until the data steward reviews the change and accepts it.
InterAction includes a default set of Data Change Management rules for the out-of-the-box contact types.
The InterAction Web Client ignores access rights for changes that are handled in this way by Data Change Management. The accept, review, or submit settings defined by Data Change Management determine whether or not the user can make the change, not access rights.
Note that this only works in the Web Client. Changes made in the Windows Client are never managed by Data Change Management, since only marketing users and data stewards normally use the Windows Client. Whether or not a Windows Client user can make a change depends on his or her access rights to the appropriate folder, as discussed in Access Rights for Folders.
This section provides a very brief overview of Data Change Management and then describes the circumstances in which access rights are ignored. This does not explain everything there is to know about Data Change Management.
This section covers the following topics:
About Data Change Management
Data Change Management is composed of a series of rule sets. Each rule set defines three pieces of information:
- The particular contacts subject to the rule set. There are several ways to identify which contacts are subject to the rules in a set. A common method is to use a particular folder, such as a contact type, marketing list, or administrative folder. For example, the Client contact type is configured with Data Change Management. All contacts assigned the Client contact type are subject to the Client rule set.
- The data steward user responsible for managing any changes processed by the rule set.
- The collection of rules that define how changes made to the contacts should be handled. For example, one rule might state that all new addresses added to the contact must be reviewed after the fact by the data stewards, while another rule might require that company name changes be submitted to the data stewards for approval.
As an example, a rule set might be set up as follows:
- The rule set applies to all contacts with the Client contact type.
- The data steward Jess Vetter is responsible for reviewing and managing this collection of contacts (contacts with the Client contact type).
- Because clients are especially important to your organization, the rule set uses a collection of rules that are considered highly managed. This means that all phone and address changes are submitted, while new phones and addresses are marked for review.
Note that a rule set contains many more rules than those mentioned in this example.
In this scenario, if the user Ed Roberts (who exclusively uses the Web Client) edits the firm phone number for the client TeleNorth, that change is not made immediately. Instead, the change submits a change management ticket to the data steward Jess Vetter. At a later point, she can review the change and decide whether to accept the change or reject it.
If, however, Ed just adds a new firm phone to TeleNorth, the change is made to the database immediately and a review ticket is sent to the data steward. At a later point, Jess can review the ticket and decide whether to keep the change.
In both cases, Ed’s access rights to the folder that sources TeleNorth are irrelevant. Since the change is one addressed by a data change management rule set, the access rights are overridden and the data change management rules take over.
This allows organizations to gather information and users to freely submit information without endangering the data quality in the entire system.
When Are Access Rights Overridden by Data Change Management?
Data Change Management overrides normal access rights for changes made in the Web Client if both of the following statements are true:
- The change was made to a contact that is managed by a rule set. Although rule sets can be configured to manage different groups of contacts in many ways, InterAction also includes a default rule set that is used if none of the others apply. Therefore, this statement is always true.
- The change itself is one that is covered by a rule in a rule set. Not all possible changes a user could make are subject to rules. For example, editing notes is never managed by Data Change Management.
Which Changes Are Managed by Data Change Management Rules Instead of Access Rights?
Data Change Management monitors any adds, edits, or deletes that users make to the following contact information fields for firm contacts:
- Title
- First Name
- Goes By
- Middle Name
- Last Name
- Suffix
- Company Name
- Job Title
- Company Common Name
- Department
- Assistant Name
- Addresses
- Phone Numbers - including phones, fax numbers, etc.
- Electronic Addresses - including e-mail addresses, Web sites, etc.
Therefore, InterAction Web Client ignores access rights for adds, edits, or deletes to the above contact information for any firm contact.
For example, it doesn’t matter if Ed Roberts has Add Phone access rights to the Firm Contacts - People folder – his ability to use the Web Client to add a phone number to a contact sourced in this folder is controlled by the Data Change Management rule set for the contact he is editing.
Which Changes Are Handled by Access Rights Instead of Data Change Management Rules?
Data Change Management does not monitor changes to the following contact information fields. Therefore, a user’s ability to add, edit, or delete these items depends on his or her contact data access rights:
- Additional Fields
- Related Contacts
- Notes
- Activities (note that the user who creates an activity has some control over who can see and edit the activity. This can override the activity access rights. For details, see Security for Activities).
- Folder-specific phones and addresses
For example, if the user Ed Roberts does not have Edit Notes access rights for the Firm Contacts - People folder, he cannot edit any firm notes for contacts sourced in this folder.
Is Adding/Deleting Contacts in Folders Handled by Access Rights or Data Change Management Rules?
This depends on the configuration of the folder and how the contacts are added or removed. The Web Client offers the following ways for users to add and remove contacts in folders:
Rules for Adding and Removing Contacts
| What Users Can Do in the Web Client | Security Model Used |
|---|---|
| Add or remove a contact type for a contact. Behind the scenes, the contact is added to or removed from the corresponding folder for the contact type. | These changes are always handled through change management rules instead of access rights. Similar to data changes, you can configure a contact type to accept, review, or submit the add/remove requests. You do this when configuring the type. |
| Add and remove contacts on marketing lists. | These changes can be handled either using Link Into and Delete Contact access rights or with Data Change Management. |
| Add and remove contacts on working lists. | These changes always use Add Contact, Link Into, and Delete Contact access rights. |
|
Automatically adding or removing contacts based on folder dependency rules. For example, applying the Client contact type to a contact triggers a rule that adds the contact to the Client Information folder. |
Adds and deletes that are done automatically through folder dependency rules ignore access rights, though they can generate Data Change Management tickets. For details, see Folder Dependency Rules and Change Management. |
For more about the different folder classes and how they use access rights, see the following:
- Web Client Security for Working Lists
- Web Client Security for Contact Types
- Web Client Security for Marketing Lists
- Web Client Security for Administrative Folders
For details about configuring Data Change Management, see InterAction for Data Stewards and Marketing Users guide.