Hypotheses
Currently, no users can see safeguarding information on an application. But as we’re introducing the permission to see safeguarding information we want to let those users know there’s information to see.
But we don’t want to risk colleagues seeing the information accidentally with an ‘over the shoulder’ attack.
We also want to make sure users without the safeguarding permission know why they can’t see it so they can request permission or follow up with the person with safeguarding information as necessary.
If the safeguarding section is disclosed within a collapsible panel
Then users with safeguarding permissions can reveal the information safely
If the safeguarding section explains why it’s hidden for users without the permission
Then they’ll be able to request permission or follow up with the user who has access
Design proposals
- Users with permission to view sensitive material
- Users without permission to view sensitive material