Segregating Users to Ensure Privacy in Your Learning and Assessment Systems
by Joe Sabin

Enterprise software offers many advantages: lower cost per user, global or corporate coverage, and ease of moving staff within the organization. However, there is one major disadvantage to enterprise solutions: usually everyone in the corporation is stored in a common database, which leads to privacy and control issues. How do you keep managers in sales from seeing marketing’s training records? And in a global implementation, how do you prevent Spain from seeing France’s training records?

To solve this problem, enterprise software has incorporated the concept of domains.

A domain is an effective way of segregating populations of users into separate entities while still maintaining the advantages of the overall enterprise software solution. In many systems the separation of users into domains is very strict and absolute. Alternative solutions allow a more flexible approach, facilitating a hierarchical and more fluid implementation.

Pedagogue defines access to the various objects in the system via rights and permissions. A right gives a user the ability to view a system “object.” (The term "object" is used to describe the users, questions, exams, assignments, reports, etc. that make up the data in the system.) A permission gives him or her the ability to view specific data. For example, a sales manager might have the right to see test results for sales representatives, but the permission to see only the results for the sales representatives she directly supervises.

To create domains, users (administrators and students) are placed into folders. All folders have rights and permissions assigned to them. The Pedagogue System Administrator assigns rights and permissions to local administrators, thereby creating local “domains.” So, the French sales training administrator can be assigned permission to see test results for only those students residing in the French sales representative folder, the Spanish administrator only students in the Spanish sales representative folder, etc. Similarly, departments can be walled off from one another. But, if a student moves from one department to another he/she is merely moved from one folder to another, with all assessment results kept intact. For example, if an employee moves from sales to marketing his/her exam records follow. This is particularly important for company-wide certification requirements such as compliance.

Using rights, permissions and folders enables domains to be created for any organizational entity, from groups as small as corporate departments up to entire countries—and it enables global corporations to meet European Union privacy requirements.

 

The Pedagogue Assessment Management System is the premier enterprise-level online testing system. It is used by companies as small as a few hundred and as large as a hundred thousand. The system is translated into 18 languages and used in 70 countries. Pedagogue is available as both a licensed system and a hosted solution (ExamsDirect). ©2009 Pedagogue Solutions.

1060 State Road, Suite 101 | Princeton, NJ 08540 | Phone: 609-921-7585 x24| www.pedagogue.com
Print Article