The recruiting process deals with a lot of sensitive information like compensation and interview feedback. Yet, talent acquisition is a team sport that requires myriad involvement from hiring managers, interviewers, and other colleagues not on recruiting teams. So how do you manage getting everyone the information they need and nothing more? Access and permissions.
Unfortunately, when it comes to access controls and user permissions, most applicant tracking systems tend to fall in one of two extremes — one-size-fits all frameworks that are overly simplistic but easy to set up, or customizable frameworks that are overly complex and impossible to configure.
At Lever, we don’t think that either approach makes much sense — as organizational structures grow in complexity, their access control systems must fulfill increasingly sophisticated needs. However, all the customizability in the world means nothing if users aren’t able to easily and intuitively navigate the functionality.
That’s why we conducted hundreds of hours of user research across a wide range of companies to understand our users’ motivations and needs. The result is a user experience-inspired approach that provides flexible and intuitive access solutions, that allows for:
- Confidently managing sensitive recruiting information. Every person who helps with recruiting can have access to the candidate information they need (and nothing more) and clearly see who has access to what information.
- Set it and forget it configurability with cascading logic. Set privileges once based on role with an access hierarchy that spans department, team, location, jobs and more.
- Customizable rules for all levels of organizational complexity. Support more information sharing in one department or office, while being more restrictive in others and change settings as you grow.
Now, let’s dig into a little more detail into the changes.
Custom Access Controls for Limited Team Members
Our newest improvement, which we’re rolling out to customers starting this week, simplifies the provisioning of candidate access for Limited Team Members (LTMs), and makes it easier for all users to manage notifications. This update includes:
- A more intuitive and flexible way to grant LTMs access: via departments, teams, locations, and job postings
- Uncoupling access and following, which means LTMs can access a candidate without automatically being subscribed to all notifications about that candidate
- The ability for all users to opt in and out of notifications about candidates
- The ability for Team Members to create and edit users with Limited Team Member or Interviewer access roles
This enhanced functionality is simultaneously comprehensive and specific, ensuring that organizations can easily set up a configuration that adapts to their unique recruiting needs. Our smart, cascading logic propagates permissions dynamically, eliminating tedious and manual administrative work like setting permissions for every single req, and increases transparency into which users have access to which candidates.
With these changes, “access for limited team members is even better than before,” notes Elouise Inzani, a Talent Acquisition Lead at YouView TV Limited. “I can more easily add people to roles and they can have instant access to candidates.” Making adjustments on-the-fly is also a breeze: “I can amend access where necessary, which is particularly important when colleagues are out of the office.”
Sensitive Information and Privileges
With Lever, you can not only configure which users can see which candidates, but can also set up more granular rules around which types of information a user can see on a candidate’s profile. Given that recruiters frequently handle highly sensitive and confidential information, such as compensation, it’s important to enable users to control access to specific parts of a candidate’s profile.
Last year, we launched Sensitive Information Privileges (SIP), which allows for granular permissioning of your most confidential hiring data, so you can have full confidence that each user only has access to the information they need — and nothing more.
Users must be granted SIP in order to access certain types of sensitive information, such as:
- Secret feedback
- Secret forms
- Secret emails
- Secret files
- Secret job application questions
- Hired candidates
SIP can only be granted to Admins and Team Members, and can be scoped to include only candidates associated with specified departments, team, locations or job postings. In the example below, the user is being granted SIP for candidates associated with any job postings on the Sales team, as well as candidates associated with the Implementation Specialist job posting.
In addition to configuring SIP for Admins and Team Members, users can also grant one-off access to secret notes, feedback, forms, and offers. In the example below, a user has chosen to make their note a secret note, which will be visible only to users with SIP for the DevOps Engineer role and the user that is being @-mentioned. In addition, the user could grant one-off access to this secret note by clicking +Add users.
Prevent Users from Seeing Their Own Profiles
By linking hired candidate profiles to user accounts, you can prevent users from seeing their own candidate profiles — even if they’re a Super Admin. Imagine how awkward it would be if an employee could read feedback about themselves, written by their current co-workers, or if they were privy to written discussions about negotiations about their compensation package. In Lever, recruiting teams can ensure that users will never be able to access any of this information about themselves, without having to lose any useful data.
Lever offers unmatched flexibility and configuration features to seamlessly adapt to a variety of unique structures and workflows. Our intuitive and sophisticated functionality ensures that every company is able to protect its sensitive and confidential data, freeing up talent organizations to to meet ever-growing headcount goals.