This is the second time I have had a 'custom' callings access issue in the last month.Biggles wrote:Short answer - Custom callings have no rights of access to anything online!
Honest question:
What about delegation? We give 'custom' callings to people in order to help the people in the 'standard' callings delegate, and to help the people in the custom callings grow. I know it is our responsibility to make sure (Handbook 1 quote indicating proper handing of information removed - RH) (Handbook 1 13.8) But what do we do when someone's calling requires them to have access to that information in order to fulfill that calling? Are we just setting them up to fail by giving them that calling? Do I counsel the bishop to not give callings of this nature? (I don't think it is my place to do this).
Right now the only solution I have found that keeps the person's actual calling in the system is to have someone in the YW presidency generate the report and either email or hand deliver the report to the individual. I can identify at least three issues with this. First, it creates a dependence on the presidency to generate the report (doesn't enable the individual to accomplish their calling). Second, the report may not be up to date by the time it is delivered. Third (and most important), it requires the parties involved to use an outside and uncontrolled channel in order to provide the information.
As a software developer working on an enterprise 'Users, Access, and Security' team, I know custom access is a non-trivial and very difficult thing to support. Both the UX and the technical implementation need to be top notch in order for access control to work. But in the end when it does work it will empower individuals and strengthen the security of the entire church record system.
If I am in the wrong in any way I am happy to be corrected. I would like some direction to the questions above. Thanks!