Configuring System Consent

To comply with policies or regulations, your organization may need to provide employees an intelligible and easily accessible consent form, including for GDPR compliance. The General Data Protection Regulation (GDPR) is a regulation set by the European Commission to strengthen the protection of European resident personal data used by organizations as part of the Data Protection Act.

Administrators upload text files to be used as consent forms that prompt users to read and submit the form upon login. Users who do not submit a consent form will not be able to access Accolade.

Important! Do not enable or upload versions when users are actively working in the system to prevent losing unsaved work. Enabling system consent or uploading new versions will redirect users immediately after clicking Apply.

To configure consent forms:

1. From the System menu, select System > Consent.
2. To add a consent form version, do one of the following:

• Upload a new consent form - Click Upload New Version and Load File to upload a new consent form.
• Create a version from the existing version - Click the file name to download the version and upload the file as a new version.

3. Select the text file (.txt) containing the consent form verbiage and content, and click Open.
4. Click Upload File.
5. Select the Enable System Consent Prompt check box to enable the consent prompt for all users.

The consent page will not display for users unless this check box is checked.

Important! Only the latest version prompts users at login when Enable System Consent Prompt is set.

6. Click Apply to save your changes.

Maintaining the System Consent page

As part of maintaining system consent, you may need to view and modify users who have previously given consent or users who have withdrawn consent. A list of uploaded text documents displays with the version number, the user who uploaded the file, the date the file was uploaded, and a field to leave comments for each version.

To view user consent history:

1. From the System menu, select System > Consent.
2. Click User Consent History to monitor users that have given consent.

The User Consent History dialog provides the user's name and login, the date of acknowledgment, and the consent version.

3. (Optional) Click Download to view the User Consent History offline.

 

Additionally, if a user withdraws consent, your organization may need to manually remove all personal data associated to that user per legal directives and requirements. The system will not automatically remove the user when consent is withdrawn. Removing a user does not delete the user name from the system. For historical record and auditing purposes, projects and other areas of the system will still reference the original user name even when that user is removed. To mask the user name, change the user's name to a generic placeholder like Bob M######. A name with a strike-through indicates a deleted user (i.e., Bob M######) throughout the system.

Note:  Renamed deleted users are not removed as the owner of deliverable or activities in either completed or currently in progress documents. Originally named owners will show in history data.

Removing a user deletes the following user data:

• User Image
• User Email
• Chat Address
• User extended field values

Understand that deleting a user is a permanent action and the user cannot be restored.

Note:  If your organization uses Active Directory, manually update or remove a user from the Active Directory.

Notes:    To delete a consent file, check the box under the correlating to the desired version to be removed. Click Apply to save your changes. Making changes to an existing version will not replace the original version. Upload the file as a new version to apply the changes. The consent prompt does not display for add-ins or external idea submissions.