Notes first published February 13, 2020
Update available from February 13, 2020
At Smartabase, we take your privacy seriously and continue to release features which empower you to control your data. Version 6.3 of Smartabase is ready for you to explore and contains important new functionality for your terms and consent management features.
The new features included in this release are focused around ensuring that you and your colleagues can easily understand and manage the relationship between your use of Smartabase and your organization's goals.
We’re working hard to prepare Smartabase for use in ever-more novel and demanding ways by our growing human performance community. In addition to the terms and consent management upgrades, this particular release contains behind-the-scenes performance enhancements and fixes for several user interface issues, a problem affecting the behavior of linked data, as well as a series of smaller issues.
We have also included information about the 6.2.22 patch, which was released between 6.2 and 6.3.
Increased transparency and consent management
When you use Smartabase from the web application, desktop application or mobile application (but not yet the Smartabase Athlete app), you’re able to review the terms of service your organization has set up for you from your user account. Each terms document you’ve consented to can be opened and viewed at any time, not just when you originally agreed to the terms of service.
We’ve also provided the option for you to withdraw your consent to any or all terms that you’ve previously agreed to. When you choose to reject the terms of service for your Smartabase site (confirmed by saving the changes to your account), you’re automatically logged out of Smartabase. If you change your mind later, or your organization updates its terms of service to ones you can consent to, you will see these terms as part of the login process.
At an organizational level, you can provide Smartabase with the email for your privacy offer in order for them to be alerted if someone withdraws their consent to the terms of service for your Smartabase site. Talk to your Smartabase consultant when you want this set up - it’s a simple job for them to update your site configuration with this information.
Administrators can now see more detailed consent information when auditing terms documents - the date, time and action taken (consent to the terms or rejection of the terms) for each person who’s interacted with any terms document.
There are two exceptions to the terms which are available for review, consent management or auditing:
- Terms documents which have been archived are not visible from your user account or auditable by administrators, even if you previously agreed to them, because archived terms are no longer in force.
- Terms documents which have been set to Always Accept mode are not visible from your user account or auditable by administrators, because you’re asked for your consent to this type of terms agreement every time you log in or refresh your Smartabase session.
General improvements and bug fixes
- User accounts created to facilitate integrations with third-party software (using our API) were not previously subject to any single sign-on (SSO), multi-factor authentication (MFA) and terms of service requirements set up to apply to all users of a Smartabase site. For security and legal reasons, we’ve disabled this behavior and built in the ability for administrators to specifically enable (whitelist) these accounts to bypass SSO, MFA and terms of service where it is appropriate to do so. Whitelisting is recorded in our Smartabase audit trail for reference purposes in the case of inappropriate use of this function.
- We’ve updated the data conflict management tool for administrators to include helpful information in the trail bar. You’ll now see the name of the person affected by the data conflict and the name of the event form that the conflict was recorded in.
- Also for administrators - we’ve added preview screens for the licence and group auditing tools, which allow you to see what’s included in the report before you download it.
- A recent security-related update impaired the availability of linked data in some records. This occurred when three conditions were present:
- Form A retrieved data from Form B via linked calculations.
- A person could create records for Form A but lacked data permissions for Form B.
- That person created and saved a record for Form A.
- We’ve resolved an issue that caused the login process to the Smartabase Athlete app to fail for some people. This problem primarily affected people whose accounts were created using the import process or via an API between May 2019 and February 2020.
Updates between 6.2 and 6.3
6.2.22 - available from January 16, 2020
This patch release contains a small adjustment designed to resolve an issue that caused Smartabase to crash for some customers under high load.