Organisations often require the ability to lockdown or restrict access to cases or other work types (e.g. instructions, matters) after they have been setup. In most implementations, reader and contributor access is given to matters via the parent statement of work, and often provides access to team(s) or even department(s). However, if a case becomes sensitive, access may need to be restricted. This workflow pattern provides a blueprint for managing this via workflow.

Context/Background

Cases can become sensitive for many reasons, most commonly cited are due to a participant being high profile or VIP, or due to something happening on the case such as a serious complaint or breach, or the case becoming high profile/reaching the public awareness.

In these circumstances organisations may need to restrict access to the case; by removing any users/teams that should no longer have access, as well as adding users/teams that now need access, such as a compliance or PR team.

If in the future the restriction was lifted, users/teams would need to be re-added manually on a case by case basis.

Workflow Implementation

The workflow is intended to be run manually on a case by case basis; likely via a menu option on work type portal, which may need to have a display rule applied to ensure only appropriate teams/personas can initiate the workflow.

The basic steps of the workflow are:

• Create a task for the user (the person who initiated the workflow) to select who should have access going forwards by assigning a specific role of ‘Restricted access member’ to relevant users/teams
• The workflow then logs those participants with the role (as a collection), remove all case team and security team participants, and then re-add the ‘Restricted access member’ participants as contributors as well as re-adding the matter owner