You are reading the documentation for an outdated Corteza release. 2024.9 is the latest stable Corteza release.

Sensitivity Levels

Sensitivity levels provide a way to classify what connections, modules, and fields store sensitive information.

Currently, the user interface permits up to 10 sensitivity levels.

Table 1. Sensitivity levels can be defined in three locations:

DAL Connection

The sensitivity level on a DAL connection specifies the highest sensitivity level of a record stored in the given connection. The connection sensitivity level also dictates the highest sensitivity level defined on underlying modules and module fields.

To exemplify, you can make Corteza save all medical records to a dedicated encrypted database.

By default, if no sensitivity level is specified, the data is considered non-sensitive.

Low Code Module

The sensitivity level on a Low Code Module specifies the sensitivity level of records stored in the given module. The module sensitivity level also dictates the highest sensitivity level defined on underlying module fields.

By default, if no sensitivity level is specified, the data is considered non-sensitive.

Low Code Module Field

The sensitivity level on a Low Code module field specifies the sensitivity level of a record value stored in the given module.

Specific record values can be defined as less sensitive to the Low Code module.

By default, if no sensitivity level is specified, the data is considered non-sensitive.

Configuring Sensitivity Levels

To configure sensitivity levels, open the Corteza Admin web application and navigate to system  sensitivity levels. You can create new and manage existing sensitivity levels from the list of sensitivity levels.

Annotated image

To create a new sensitivity level, click on the new button in the top right corner of the list

Annotated image

Fill out the form and click on the submit button.

The level parameter determines the order regarding which one is more sensitive.

Annotated image

Configuring DAL Connections

To configure DAL connections with sensitivity levels, open the Corteza Admin web application and navigate to system  connections.

Annotated image

From the list of DAL connections, click on the edit icon next to the one you wish to update.

Annotated image

Locate the "highest sensitivity level" parameter and set it to the desired sensitivity level.

Annotated image

Configuring Low Code Modules

To configure a Corteza Low Code with a sensitivity level, open the Corteza Low Code web application and navigate to the admin panel of the desired namespace. From the list of modules, click on the module you wish to update.

If incompatible, changing the sensitivity level value on a module will reset the sensitivity level defined on module fields.

Navigate to the privacy settings tab and locate the "highest allowed sensitivity level" option.

Annotated image

Additionally, you can set the sensitivity level to specific fields. Under the fields tab, click on the edit button next to the field you want to update. Navigate to the privacy tab and locate the "sensitivity level" option.

Annotated image

Usage Disclosure

Usage disclosure provides a way for you to communicate to the end user how their sensitive data is used within the system and your organization.

Usage disclosure is shown on the privacy console when the user interacts with their sensitive information.

Usage disclosure can be defined on two levels:

Module-Level Disclosure

Module-level disclosure notes how the entire record is used. Module-level usage disclosures are ideal for noting the general idea of what the module is used for, such as sellable data to advertisement providers.

To set module-level usage disclosure, navigate to the admin panel of your Low Code namespace and edit the relevant module. The sensitive data usage disclosure input is available under the privacy settings tab.

Annotated image

Field-Level Disclosure

Module field-level disclosure notes how a specific record value is used. Module field-level usage disclosures are ideal to note specific fields that may not be intuitive from the general module-level disclosure.

To set module field-level usage disclosure, navigate to the admin panel of your Low Code namespace and edit the relevant module. Click on the edit button next to the module field you wish to set the disclosure. The sensitive data usage disclosure input is available under the privacy tab.

Annotated image