Managing user access to private candidate information is always a tricky proposition -- you need to ensure your users have all the information they need to make an informed decision without over-sharing, which can be a tough line to walk. Moreover, blanket user permission levels can be problematic if Job Admins require access to private data for only certain jobs (i.e. a recruiter is involved with salary negotiations for one job, but you wouldn't want them to see this information for a candidate on their own level or higher).
The Job Admin: Private user permission level allows your organization to designate the jobs where a user can access private candidate data. In this article we will cover the differences between the Job Admin: Private and Job Admin: Standard permission levels, how to assign Job Admin: Private to a user for a specific job, and how to audit users with Job Admin: Private access.
Job Admin: Private vs Job Admin: Standard
Generally, permission groupings are split into three major levels: Basic, Job Admin/Interviewer, and Site Admin. These levels are comprised of varying degrees of administrative access. Users belonging to the same permission level will be able to do the same actions. See our user permissions grid here.In addition to permission levels, you can add user-specific permissions to further customize a user's permissions. Greenhouse provides two forms of Job Admin permission levels -- Job Admin: Standard and Job Admin: Private, that are assigned on a per job basis.
Users with the Job Admin: Private permissions can view private files, private notes, and offer details for any candidates on their jobs. They can also generate offers and request approval, while a Job Admin: Standard can't do any of the above.
A Job Admin will only be able to move a candidate to another job where they have permissions that are the same level or lower, but not higher (i.e. a Job Admin: Standard cannot move a candidate to a job where they are a Job Admin: Private). If we allowed a Job Admin: Standard to move a candidate to a job where they are a Job Admin: Private, they would instantly see all of that information on the moved profile.
Regardless of whether the intent is malicious or accidental, allowing this action could show an employee that a new hire in their role is making more money than they do themselves or that they are at the bottom end of the salary band for the job. They could find out sensitive details about a new hire's health or family situation that were meant to be kept between the Hiring Team and the candidate, or even read a negative comment that an interviewer mentioned on their scorecard. Because these incidents represent some of the worst-case scenarios for your users and Hiring Team, the restriction between moving candidates was a necessary addition.
Assign Job Admin: Private
To assign the Job Admin: Private permission level to a user, click the Configure icon in the upper right-hand corner of the page and navigate to Users on the left-hand panel. Select a user from the list.
From the Edit User page, you can see their permission level (Basic, Job Admin/Interviewer, Site Admin) as well as any user-specific permissions the user may have.
Note: Job Admin: Private permission levels can only be assigned to users who are assigned as Job Admin/Interviewer.
Click Add underneath Job-Based Permissions.
From the Job-Based Permissions page, you can assign the user Job Admin: Private (or other Job Admin permission levels) on a per-job basis by clicking + Add in the appropriate column and selecting it from the provided dropdown menu.
When finished, click Save under the Action column. Repeat as necessary for other jobs.
Additionally, you can also add users to both permission types on the Job Setup > Hiring Team page for each job.
Audit Users with Job Admin: Private Access
If you want to quickly audit which users have this private access, you can click the Export to Excel button on the top-right of the Configure > Users page, which will give you a spreadsheet that outlines details about your various users and their permission levels. On the right side, a column called Jobs with Private Data Access will list each position where a user is a Job Admin: Private.