Securing HR Virtual Agent Transcripts

gurdesi2 · 4 weeks ago

Hi team,

We’ve noticed that HR-related Virtual Agent interactions generate chat transcripts upon completion and record them in the Interaction table. These transcripts often contain sensitive HR data and are currently visible to any user with access to that table.

Given that the interactions are created in the global scope by default, is there a way to identify whether an interaction pertains specifically to HR and then restrict access to those records for non-HR users?

If anyone has tackled a similar use case before—or has suggestions on how to approach this—please let me know.

Thanks!

Sandeep Rajput · 3 weeks ago

@gurdesi2 The best way to tackle this is to create a read ACL which should only allow access to the record if user is one of Opened for, Assigned to . This way, other users will not be able to access the interaction record and only Opened for, and Assigned to will have access to the information.