In the working world, companies frequently find themselves in a split between data protection, efficiency and customer service – which is also the case when it comes to time tracking using SAP Field Service Management (SAP FSM). Specifically, when billing working times, the question frequently arises of how to protect the working times from unauthorized access in SAP FSM, while still being able to deliver a transparent compilation of efforts to the customers?
With the help of a mobile app, SAP FSM generally supports the processing of service orders and records the accumulated efforts during this as well as the different types of hours (working times, rigging and postprocessing time, time for driving), besides material consumption or other data (travel costs, parking fees, etc.) After an order has been processed, the customers are also to be given the possibility to sign off on the recorded data. To make this as easy as possible, it is sensible to bundle the data of all involved employees in one document and present it to the customer for signature instead of getting a signature on separate records for each employee.
The objective of the following settings is generating the clearest possible compilation of incurred efforts while avoiding disclosure of the performed hours to unauthorized colleagues at the same time. To accomplish this, several adjustments must be made in the SAP FSM authorization settings, which we have put together for you below with an indication of their respective effects.
Object type "TIMEEFFORT"
The spent hours are stored in the "TIMEEFFORT" object type. In order to display all efforts for each employee, you need to change the "Read" setting to "ALL." This has the effect that all recorded hours can be read for orders to which the employee personally contributes.
To prevent that also all other recorded hours can be viewed, you must deactivate the right for "VISIBLE" in the UI permissions drop-down menu. This way, you remove the access to working times from the navigation tree in the mobile app.
Object type "SERVICECALL"
To prevent technicians from accessing all service calls and instead only have access to their own, we must adjust the following settings in the "SERVICECALL" object type:
first select the option "ALL" in the "Read" area so that all orders in the database can be accessed;
then activate synchronization rule "R08: Service Calls for technician." This has the effect that only the service calls are transferred to the technicians' mobile devices to which they actually contribute. This ensures that no other service calls can be viewed without authorization.
Object type "ACTIVITY"
To enable access only to the respective service calls that someone has personally worked on, we adjust the "OWN" setting in the "ACTIVITY" object type and additionally activate synchronization rule "R09_2022: All Activities for own Service Calls."
Object type "ATTACHMENT"
As the last setting, the synchronization rule "R50: Attachment on Activities for the technician" is activated for the "ATTACHMENT" object type. This has the effect that only the attachments for service calls someone is personally working on will be sent to the mobile device, thereby reducing the data volume to be transmitted.
By means of the settings described in the previous paragraph, you can make the working times of the service technician visible only to those employees who actually work on the relevant service call. At the same time, however, you can create a compiled report for your customers that includes all working times and submit it to them for signature. This way, you can improve data privacy in your SAP FSM with just a few clicks, without having to settle for less transparency in customer invoices.
Do you have questions or need support to improve data privacy in your SAP FSM? You are welcome to contact us at any time.
I am curious about your comments and thoughts regarding data privacy in SAP FSM!
More FSM topics are planned for the next weeks, so keep an eye on my profile!