Non-Address Contact Detail Restrictions
This feature allows access to specific contact details (of at risk individuals) to be restricted. For example, this would apply to individuals that have been granted the right to have their details to be kept secret by the government or otherwise have made such a request.
A contact details access restriction can be applied to a person. Non-address contact details can only be accessed by users with a role that includes the restriction. Non-address contact details are: business phone number, private phone number, mobile phone number, fax number and e-mail addresses.
When a user tries to access a person with non-address contact details that they are not allowed to see, these details will not be retruned.
- Example
-
User Bob is granted access restriction SECRET_CONTACT_DETAIL. No access restrictions have been granted to user Pete. The following table shows which contact details they can access.
Person | Phone Number Business | Address Access Restriction | Accessible by Bob? | Accessible by Pete? |
---|---|---|---|---|
Mary |
123-456-789 |
SECRET_CONTACT_DETAIL |
yes |
no |
Jane |
123-456-789 |
empty |
yes |
yes |
Susan |
123-456-789 |
TOP_SECRET_CONTACT_DETAIL |
no |
no |
- Inference Prevention
-
When searching for relations/persons using UI or generic, only contact details a user has access to are used:
-
When user Bob searches for persons with phone number business 123-456-789, only Mary and Jane are returned.
-
When user Pete searches for persons with phone number business 123-456-789, only Jane is returned.
-
When searching with Generic API, Top-Level Resource and Concealing of Linked Resource access restriction are applied. For details refer to HTTP API Data Access Restriction Concepts |
Note: These restrictions do not apply when relations/persons are searched for, without any contact detail search criteria.