Transparency and Aviation Safety Data Security - User Roles SetUp

Transparency Is a Philosophical Question

A high level of transparency in aviation safety management systems (SMS) is critical for creating:

• A Just Culture.
• A safety reporting culture.
• A culture of safety.

I think most, if not all, aviation safety managers would agree with me on this. Aviation safety data security is commonly under the control of an SMS administrator, who may also be the director of safety.

Safety managers are safety professionals and are not data security professionals.

This is undoubtedly why safety managers have many questions about configuring users' safety roles and permissions in their aviation SMS database. For example, one SMS software may use:

• Individual User Security Roles; and
• Custom User-Access Roles.

The million-dollar question is: "What is the best practice for organizing access to safety information?"

Related Aviation Safety Manager Articles

• 2 Reasons Top Safety Managers Fail in Aviation SMS
• What Is a Safety Manager in Aviation Safety Management Systems (SMS)?
• How Safety Managers Hurt Safety Reporting Performance - Aviation SMS

Data Access Goes Beyond a Single Aviation Safety Software Solution

While this seems like a more practical, "how-to-use-the-software" question, it’s actually a more philosophical question:

• How transparent should my organization be?

But what exactly do we mean when we talk about transparency?

Definition of Transparency in Aviation Safety Cultures

It all comes down to information and what people (are allowed to) know. Transparent safety cultures are cultures that:

• Give high latitudes of relevant access to all employees – even with fairly sensitive safety information
• Do not restrict relevant information except in rare cases
• Employees have access to managerial safety issues that may affect them

The catchword here is relevant. Transparency does not mean everyone has access to all information – it means that if a piece of information affects an employee, he/she has a means of being aware of it. Period.

Of course, there are certain practical considerations here, such as issues that require investigation, etc. With that in mind, what are some best practices for User Roles/Security setup to maintain data security in aviation SMS data management scenarios? Some roles described herein relate to SMS Pro's aviation SMS solution. Your software probably has something similar, so you adopt similar data security strategies.

Security Roles Setup

The first thing that should be done is to, initially, try and set up your security roles for different users as they function in real life. Before assigning any roles, consider and perhaps even map out an org chart of your company with a brief description of what each management personnel is responsible for in the SMS implementation. Organizational charts are useful for visualizing the layout and workflow of safety information within an organization.

For example, your org chart may lead you to have:

• 1 Admin user who controls the SMS database configuration
• Safety Manager(s) overseeing SMS documentation requirements across multiple divisions

Note that one Safety Manager may also have the Admin role if he/she is in charge of maintaining the SMS database configuration.

• SMS Department Heads should be assigned to each designated department head who will be managing reported safety issues and audit findings within their department
• An accountable executive who is typically in charge of operations, such as a CEO
• Other high-level executives

An Administrator can also assign SMS-Executive roles depending on a larger organization’s more complicated organizational structure, such as the head of HR, CEO, and CFO, as may all likely have vested interests in the aviation SMS.

In this case, as well, an executive may be given a department head role if he/she performs such in real life.

• SMS auditor role can be given to an individual(s) in the organization for internal use, but are often temporarily reserved and assigned to external users, such as regulatory auditors. Some SMS database systems have separate roles for external as well as internal QA auditors.
• SMS users are the basic role that all users will have by default. This low-level role provides access to only the essential features of SMS Pro (such as hazard/safety reporting, electronic message bulletin board, lessons learned library, policies, and procedures, etc.)

We can consider SMS users as being best suited for general employees.

Related Aviation SMS Org Chart Articles

• How to Create an Org Chart for Aviation SMS
• How to Implement SMS in Small Organizations
• 4 Important Reasons to Use Org Charts in Aviation SMS

Custom User Roles in Aviation SMS Data Management

Some aviation SMS databases allow custom roles. Custom user roles are designed to control what safety issues users can/cannot see.

Again, configuring custom roles in an SMS database properly entails that you have a solid stance on what transparency means for your organization, as well as some common sense. What follows is an example of how one SMS database handles data security. Other programs may do something similar but in a different fashion.

For SMS Pro, the first thing to note is whether the SMS user's role has “View All Divisions” checked. With this "transparency setting," every authorized user will be able to see all reported safety issues in all divisions because every user has the SMS user's role by default once they are trained and inducted into the system. We should note that there will be exceptions to "all issues." For example, we would not want all users to see 'sensitive' reported issues. These sensitive issues may be:

• anonymous;
• confidential;
• HR related; or
• security related.

Related Aviation SMS Database Articles

• What Is an Aviation Safety Database
• 5 Most Important Things to Know Before Buying Aviation SMS Database
• When to Design Your Own Aviation SMS Database

The ability of users to access and modify information from different divisions in the company is of primary concern to how much transparency an organization has. To give you peace of mind, general users can occasionally view reported safety concerns, but they never have the ability to modify SMS data records without being granted additional permissions.

Additional transparency-related issues involve questions like:

• Do you want general SMS users to only be able to see issues that they have submitted (no "View" checks), only in their own division, or all divisions?
• Do you want safety managers/department heads to be notified of reported issues from other divisions?
• Do you want safety managers or department heads to be able to view issues from other divisions?
• Should SMS users be notified whenever an issue is reported in their division?
• Whom do you want to be notified when high-risk issues enter the risk management system from the safety reporting system?
• Should anyone else but the SMS admin user be able to delete issues?

Your answers to these questions will determine how transparent (and liberal) your organization is. Approximately five percent of aviation service providers practice almost complete transparency. The remaining 95% are still living in the days of the traditional safety program. If you are old enough, you may remember the traditional safety program, then one that:

• Management didn't support financially, but in name only;
• Management had no expectation of participation;
• Safety concerns were dealt with in private;
• Employees had no protection from management when self-reporting; and
• Management did not expect to get a return on investment.

Safety cultures take time to mature. Moving away from historical attitudes toward the "safety program" will take at least another generation.

Obviously, a balance between what is practical/ideal needs to be considered with your particular organization. When configuring aviation SMS software, there may be no "perfect setup" because there are so many exceptions and use cases. This becomes more evident with more complex but flatter operations.

When you configure your SMS software, there are some settings, such as "SMS users receiving notification of reported safety issue from all divisions," which are both unwise and impractical. Other things, such as only letting SMS users view their reported safety issues (no checks on the “View” column) clearly subscribe to a lower level of transparency but may be prudent.

Data transparency also depends on whether you are sharing your SMS database software with other organizational units, such as with:

• Security department;
• HR;
• Customer care;
• Commercial and marketing, etc.

Deciding the proper setup will take:

• Some serious consideration
• A hard look at how information is currently distributed in practice

Every security configuration check (or lack of checking) should be carefully considered. A good rule of thumb for this question is to work from the highest level of access (SMS admin) to the lowest (SMS users).

Related Aviation SMS Software Articles

• 20 Benefits of Aviation SMS Software
• How to Choose Aviation SMS Software - Educating SMS Professionals
• How Does Aviation Safety Software Improve Safety? - Aviation SMS

Final Thought

Remember that designing security access of roles follows a pretty linear process:

1. Give security roles to users that best mimic real-life responsibility
2. Consider the organization’s stance on transparency at all levels of
3. Assign levels of access in User Roles Setup
4. Modify security roles and user roles if needed

Also, remember that granting access down the road will look a lot better than restricting access later on, so perhaps a conservative approach to start is considered a best practice and smart idea.

To see an aviation SMS software solution and its benefits in action, you may be interested in these demo videos.

Live SMS Pro Demo

Have questions? Want to see SMS Pro live? Sign up for a demo.

Last updated June 2024.