I have been tasked to create a new on-boarding workflow. The new form will be capturing sensitive information for the new employee and I need some suggestions on the best way to protect this information:
I am currently thinking of have 5 potential workflows, the first workflow will automatically start when the new list item is created, this potentially kickoff the other 4 workflows for HR, Payroll, IT and Health Nurse
Once the on-boarding form is submitted I want to hide the values from being seen on the main form and restrict access inside of sharepoint.. If this is not possible I am thinking of making a complex math operation to manipulate the current sensitive input to update the sharepoint list item with a UDA and when I need to extrapolate the data for Payroll reverse it and store it into a variable.
I am looking for others input and possible solutions that you may have implemented in your organizations.
Not gone through this scenario personally, but can throw some ideas off...
1] You could protect data (onboarding form) through Nintex forms .. and may be once its in Edit Mode you could hide those fields? There are lot of ways to turn "fields visible false" based on any conditional logic in Nintex
2] Data is stored in SharePoint and if Nintex forms is the only way your users are going to access this piece of data, then the above point could solve your problem, but if users have access to other ways to access your SharePoint farm (like CAML builder/Powershell etc) then you would need to obfuscate the data that is stored within SharePoint and you could always have to encrypt/Decrypt data when you access it.
3] This also leaves with a question -- How do you expect this data to be updated? I believe even OnBoarding data would need to be updated sometime by some users? How would you handle this scenario?