Protect User PII Data with Enhanced Personal Information Management : Larry Tung
by: Larry Tung
blow post content copied from Salesforce Admins
click here to view original post
In the Winter ’22 Release, we’ll roll out the ability to prevent external users, such as portal or partner users, from viewing personal information in your user records by enabling the Enhanced Personal Information Management permission. This permission replaces the less-configurable Hide Personal Information setting, which will be retired in the Winter ’23 Release. So, to help you prepare, let’s dive into the Enhanced Personal Information Management permission.
Protecting Your Users’ Data
To protect your external users’ data, Salesforce introduced security settings that let you control personal user information visibility. As an example, let’s say we have two external users, Astro and Codey. Astro can see and edit his own personal information, such as his address, email, and phone number. However, Astro can’t see Codey’s personal information. Similarly, Codey can edit his own personal information but not Astro’s.
Previously, you secured your external user’s personal information with Hide Personal Information, which protected 10 User fields. Hide Personal Information will be retired in Winter ’23 and is being replaced with Enhanced Personal Information Management.
With Enhanced Personal Information Management, you get a more secure framework that:
- By default, secures 20 fields (see release notes for the 20 fields).
- Lets you choose which fields are considered personal information.
These settings are available in the User Management settings.
Enhanced Personal Information Management secures 20 fields by setting each field’s compliance category as “PersonalInfo”. As an admin, you choose which fields are considered personal information. From the Object Manager, on the User object, choose a field, such as “About Me.” Edit the field and choose whether the Compliance Categorization should be set as “PersonalInfo”.
Once a field is set as “PersonalInfo”, it will be hidden from other external users. Since Enhanced Personal Information Management is more secure and configurable, don’t wait to get this enabled in your org!
Before enabling, we recommend you:
- Decide which fields should be considered personal information for your external users, and adjust your standard and custom fields accordingly. This means assigning each field that you want as personal information by editing the field’s Compliance Categorization to “PersonalInfo”.
- Have either Hide Personal Information or Enhanced Personal Information Management enabled, but not both.
- Test in a sandbox prior to enabling in Production.
Resources
- Salesforce Help: Personal User Information Policies and Timelines
- Salesforce Help: Manage Personal User Information Visibility for External Users
The post Protect User PII Data with Enhanced Personal Information Management appeared first on Salesforce Admins.
September 28, 2021 at 09:00PM
Click here for more details...
=============================
The original post is available in Salesforce Admins by Larry Tung
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================
Post a Comment