This part of GOV.UK is being rebuilt – find out what beta means

HMRC internal manual

Shared Workspace Business Manual

Controlling Access: Access Controls

HMRC Staff have a general duty to protect information. Everyone who has access to protectively marked assets is personally responsible for maintaining the appropriate standards of security SW03150.

Shared Workspace allows members to restrict access to items at all levels of a Room.

Always make sure that when you add a file(s) to Shared Workspace it is only made available to those with a genuine business need and authority to know the information it contains SW03310.

Having decided who can access the item a member must ensure that Shared Workspace Access Controls are used to prevent any other member of the Room gaining access.

Where appropriate, Access Control should be set at a high level on a folder or database as opposed to an individual document. This prevents people from seeing a greyed out item that they cannot open.

Where an item is restricted for access it must be hidden. This will ensure it is only visible to members who have access to it.

Help on setting Access Controls is covered in the Online Learning packages,