Securing constituent information

Mark,

Welcome to the consortium world!

We are an consortium with a total of 4 organizations. We only use control groups for security. With that being said, all organizations use the same customer records but with control groups, the organization can only see their data plus the "Primary" data such as the primary address, salutation, and other non-control group information. This kind of information is usually found on the general tab. In general, all organizations will have access to all customer records even though you could filter by constituencies but they could just turn the filter off. I don't believe that you can prevent that functionally.

We have found only a couple minor issues with the current set up and for the most part been able to overcome this.

First. A certain customer may be a VIP to an organization but a different organization is capable of changing the primary address. This would tend to upset the organization that has them as a VIP. What we do is put an icon in the constituent header stating that this record is a VIP of an organization. This means that we must first contact that organization stating that there is a change and they have the option of approving the change.

Second. Corporations... One organization may a contact to the corporation that is different than another organization. We decided to overcome this with putting the name of the senior officer as the primary name but use control grouped salutations and addresses for each organization. Another method would be to use associations.

All in all, 99% of the data is secure by organizational control grouping, you just need an agreement between all organizations on how to handle primary non-control group data.  

Feel free to contact me if you have any questions on our set up. I would be happy to help.

Marty Jones

Director of Information Services

Omaha Performing Arts
1200 Douglas Street

Omaha, Nebraska 68102

P 402.661.8469

Marty.Jones@omahaperformingarts.org

www.omahaperformingarts.org

For tickets, call Ticket Omaha at 402.345.0606

From: Tessitura Technical Forum [mailto:forums-technical@tessituranetwork.com] On Behalf Of Mark Ridley
Sent: Wednesday, April 20, 2011 7:29 AM
To: Martin A. Jones
Subject: [Tessitura Technical Forum] Securing constituent information

Hi

We are currently in the process of moving from a single organisation setup to a multi-organisation consortium setup, and the timeline for this transition has been tight.

So we haven't had time to consider exactly how we are going to cope with multiple organisations managing customer records in the long term. Also we do not want to make any changes to our existing website as we are currently looking to start the redevelopment of that later this year, when we can incorporate any changes necessary without paying twice for it.

As a short term option, I am looking at doing the following.

• Control Grouping (as much as possible) but in partucular constituencies
• setting up new constituent types for the new org which then point to their own standard address,email address etc (on the General Screen)
• setting lp_customer_rank to add in an organisation specific consituency every time a customer is created (using cust_type to determine which constituency to add)
• setting security such that each organisation can only add new customers or edit customers with one of their constituencies set.

I know this feels over the top and can see that duplicates and merging could be an issue.
I am hoping to implement this only to give us more time to see how the consortium works and come up with better working practices, but mainly to ensure that no violation of data occurs before then.

Will this work? Are there any major issues any one can see by implementing this this way?

Thank you

Mark

This message was sent automatically to you by www.tessituranetwork.com because you subscribed to the Tessitura Technical Forum. You may reply to this message to post to the Technical forum or visit the site to search, read and post to the forums. In the interest of keeping the forum posts from becoming cluttered, we encourage you to delete previous message text from your reply before sending. Thank you!

This message was sent automatically to you by www.tessituranetwork.com because you subscribed to the Tessitura Technical Forum. You may reply to this message to post to the Technical forum or visit the site to search, read and post to the forums. In the interest of keeping the forum posts from becoming cluttered, we encourage you to delete previous message text from your reply before sending. Thank you!

Mark,

Welcome to the consortium world!

We are an consortium with a total of 4 organizations. We only use control groups for security. With that being said, all organizations use the same customer records but with control groups, the organization can only see their data plus the "Primary" data such as the primary address, salutation, and other non-control group information. This kind of information is usually found on the general tab. In general, all organizations will have access to all customer records even though you could filter by constituencies but they could just turn the filter off. I don't believe that you can prevent that functionally.

We have found only a couple minor issues with the current set up and for the most part been able to overcome this.

First. A certain customer may be a VIP to an organization but a different organization is capable of changing the primary address. This would tend to upset the organization that has them as a VIP. What we do is put an icon in the constituent header stating that this record is a VIP of an organization. This means that we must first contact that organization stating that there is a change and they have the option of approving the change.

Second. Corporations... One organization may a contact to the corporation that is different than another organization. We decided to overcome this with putting the name of the senior officer as the primary name but use control grouped salutations and addresses for each organization. Another method would be to use associations.

All in all, 99% of the data is secure by organizational control grouping, you just need an agreement between all organizations on how to handle primary non-control group data.  

Feel free to contact me if you have any questions on our set up. I would be happy to help.

Marty Jones

Director of Information Services

Omaha Performing Arts
1200 Douglas Street

Omaha, Nebraska 68102

P 402.661.8469

Marty.Jones@omahaperformingarts.org

www.omahaperformingarts.org

For tickets, call Ticket Omaha at 402.345.0606

From: Tessitura Technical Forum [mailto:forums-technical@tessituranetwork.com] On Behalf Of Mark Ridley
Sent: Wednesday, April 20, 2011 7:29 AM
To: Martin A. Jones
Subject: [Tessitura Technical Forum] Securing constituent information

Hi

We are currently in the process of moving from a single organisation setup to a multi-organisation consortium setup, and the timeline for this transition has been tight.

So we haven't had time to consider exactly how we are going to cope with multiple organisations managing customer records in the long term. Also we do not want to make any changes to our existing website as we are currently looking to start the redevelopment of that later this year, when we can incorporate any changes necessary without paying twice for it.

As a short term option, I am looking at doing the following.

• Control Grouping (as much as possible) but in partucular constituencies
• setting up new constituent types for the new org which then point to their own standard address,email address etc (on the General Screen)
• setting lp_customer_rank to add in an organisation specific consituency every time a customer is created (using cust_type to determine which constituency to add)
• setting security such that each organisation can only add new customers or edit customers with one of their constituencies set.

I know this feels over the top and can see that duplicates and merging could be an issue.
I am hoping to implement this only to give us more time to see how the consortium works and come up with better working practices, but mainly to ensure that no violation of data occurs before then.

Will this work? Are there any major issues any one can see by implementing this this way?

Thank you

Mark

This message was sent automatically to you by www.tessituranetwork.com because you subscribed to the Tessitura Technical Forum. You may reply to this message to post to the Technical forum or visit the site to search, read and post to the forums. In the interest of keeping the forum posts from becoming cluttered, we encourage you to delete previous message text from your reply before sending. Thank you!

This message was sent automatically to you by www.tessituranetwork.com because you subscribed to the Tessitura Technical Forum. You may reply to this message to post to the Technical forum or visit the site to search, read and post to the forums. In the interest of keeping the forum posts from becoming cluttered, we encourage you to delete previous message text from your reply before sending. Thank you!