Stay up-to-date with every new feature in Qualtrics XM

LEARN MORE

Ready to try Qualtrics?

GET STARTED

Data Access Settings (EX)

Suite

Employee Experience

Product

Qualtrics

What's on this page

About Data Access Settings

Attention: This feature requires your brand to be on the updated backend infrastructure. Please fill out this survey to see if your brand is eligible. If your brand needs to be updated, a Brand Administrators can request your brand to be updated via the survey.

Data access settings in the Data Privacy tab allows you to control who has access to employee metadata in Qualtrics. Create Data access tags to flag sensitive fields, then Data access roles to determine who gets to view, edit, and export those fields.

Qtip: Only Brand Administrators with the Manage Data Access Control permission enabled can configure Data Access settings.

Qtip: This feature is only available for Employee Engagement, Employee Lifecycle, Ad Hoc Employee Research, and Pulse projects.

Data access settings prevent fields from being viewed in the Participants, Messages, and Data & Analysis tabs of a project. Users can still use and view aggregate results in Dashboards, so long as the Sensitive Data Policy does not prevent it.

Qtip: We recommend adding a minimum confidentiality threshold in addition to data access tags. This can help ensure that users with dashboard edit access can’t filter down data to view individual participants’ results. You can set confidentiality thresholds by dashboard, and even set an organization-wide threshold. As an administrator, this allows you to determine the smallest aggregate of data that can be viewed in any dashboard across the organization.

Setting Up Data Access Tags

Go to the Admin page.

Create a tag from the data access tags tab

Select the Data Privacy tab.

Go to the Data access tags section.

Click Create a tag.

Enter a name for the tag.

Describe the data tag.

Click Confirm.

Navigate to the Employee Directory.

Tools drop down in the emplloyee directory

Click Tools.

Select Data Access Tagging.

Select the fields to which you would like to apply the data access tag. You can search for them in the search bar.

Qtip: Once a metadata field has been tagged in the global employee directory, no user in the brand has access to the field in the global Employee Directory and local EX projects.

View your fields in the Selected field(s) box. To remove any fields, click the ( X ).

Select the data access tag you created in step 7 from the dropdown menu.

Click Apply Tag.

Next, you’ll need to create a data access role to give users access to tagged metadata fields. Follow the steps below for more information on setting up data access roles.

Setting Up Data Access Roles

Data access roles determine which users have access to the tagged metadata fields you created in the section above.

Go to the Admin page.

Select the Data Privacy tab.

Go to the Data access roles section.

The Admin role is the default role for new users, and all data access tags are enabled for this role. To create a custom data access role, see the section below.

Qtip: Users who can edit participant metadata can still add restricted fields and update the participant’s metadata, but if they do not have data access to that metadata they will not be able to view their changes.

CREATING DATA ACCESS ROLES

Attention: Users can only be added as members to a data access role if they’re listed in the employee directory.

Click the plus sign ( + ) next to Custom Roles.

plus sign next to the custom roles header

Name the role.

Click Create.

Click Add.

Next, you’ll add users to your role. Click Add users and then select your method.

Add participants: Manually select users to be in this role.
Automatic role assignment: Create rules to automatically assign users to roles based on their metadata. See Automatic Role Assignment for more information about this option.
Qtip: While the linked pages are for adding users to roles in a project, the core functionality is the same.

Click the Add access tags dropdown under the permissions panel.

Select the data access tags you’d like to assign to this role.

Qtip: To remove data access tag permissions, click the trash icon in the header.

MANAGING DATA ACCESS ROLES

Click the menu next to the role name to either rename the role or delete it.

Add users: Edit or add users to the custom role, or enable Automatic Role Assignment. See the section above for more information.

Permissions: Add and manage data access tags for this role.

Participant management: Data access tagged fields will not be visible in the Participants and Messages tab of EX projects.
Raw Response Analysis: Data access tagged fields will not be visible in the Data & Analysis tab of EX projects.

FAQs

Can Data Access policies be set at the project level?

No. Data Access policies can only be set at a brand level, so tagged fields cannot be accessed in any project for the brand by default.

How can we disable Data Access Policies?

You can remove the tags from tagged metadata fields in the Data Access Tagging section of the Employee Directory. To delete all data access tags, go to the Data Access tags section of the Data Privacy settings.

Was this helpful?

The feedback you submit here is used only to help improve this page.

That's great! Thank you for your feedback!

Thank you for your feedback!