Phased rollout


This version is currently available to SaaS customers only. It will be available to on-premises customers soon.

Identifying and protecting users' confidential data

This use case describes how a case business analyst can define users' sensitive information as confidential data and configure a support group to access it. Sensitive data includes users' personal information that must be protected to comply with government or company regulations; for example, users’ home address, gender identity, medical information, and salary or compensation-related information. 


In a large-scale organization, an employee creates an HR case Payroll issue by using BMC Helix Digital Workplace Catalog. The employee adds Cost to Company (CTC) breakup details, which is sensitive personal information and must be protected from unauthorized access. To identify and protect the confidential data, a catalog administrator and a case business analyst must perform the following steps:

  1. In BMC Helix Digital Workplace Catalog, a catalog administrator must define the CTC breakup details as confidential data.
    Employee's CTC breakup details are marked as confidential data in BMC Helix Business Workflows too.
  2. In BMC Helix Business Workflows, a case business analyst must configure a confidential support group, add users from HR and Finance groups to the confidential group, and grant access to the users. This prevents the confidential data from unauthorized access.

Only case agents who belong to the confidential support group can view the employee's CTC breakup details. Case agents can modify the confidential data if they have both read and write access. For case agents who are not a part of the confidential support group, the confidential data is displayed as asterisks.

The following image illustrates how users' confidential data is protected:

Roles involved in this use case 

The following roles are involved in this use case: 

  • End user

  • BMC Helix Digital Workplace Catalog catalog administrator

  • BMC Helix Innovation Suite administrator
  • Case business analyst 

  • Case agent 


Identifying and protecting confidential data enables a case business analyst to perform the following tasks:

  • Classify users' sensitive and personal data as confidential.
    Data privacy is maintained when data transfer from BMC Helix Digital Workplace Catalog to BMC Helix Business Workflows occurs.
  • Manage the confidential data access.
    Control who can access the confidential data by granting access only to specific support groups.


The following table describes the actions that an administrator, a case business analyst, and a case agent must perform to identify and protect users' confidential data:








BMC Helix Innovation Studio

Configure the confidential support groups in Foundation data so that you can later grant them access to the confidential data. 

Designating case data as confidential
2Catalog administrator

BMC Helix Digital Workplace Catalog

Define the confidential data in BMC Helix Digital Workplace Catalog cases.

Configuring confidential questions in a questionnaire Open link

3Case business analyst

BMC Helix Business Workflows

Define the confidential data so that users' sensitive and personal data is classified as confidential.Designating case data as confidential
4Case business analyst

BMC Helix Business Workflows

Grant access to confidential support groups, so that they can access the confidential data.Designating case data as confidential
5Case agent

BMC Helix Business Workflows

Grant access to confidential support groups, so that they can access the confidential data.Changing user access to cases
Was this page helpful? Yes No Submitting... Thank you