Hi, I’m pretty new to Sharepoint. I have been tasked with setting up 300+ sites for our clients for the sole purpose of sending out notifications when new GDPR docs are added. We then need to get the user to acknowledge they have read the documents, and fill in a short questionnaire to say they have understood and read the documents. I have tried experimenting with multiple workflows, but can’t seem to streamline the process. Am I missing something simple here ? (We don’t want to go down 3rd party route eg, Docuread etc).
We need to make this as simple as possible for the end user, without multiple email notifications, task lists or cross site navigation.
I can create the workflow for sending the notification email. I can create the short survey, including auto populating the page to show who has read it etc, but im having an issue with the workflow auto-filling in the survey, instead of letting them do it.
What I would like to happen is the following:
1: Add document (done)
2: Auto email end user with link to document-have some sort of receipt/reporting they have read (done)
3: Auto relocate them to the survey (I have survey, but its not sending them to it, only autofilling it)
4: Auto fill designated page with survey results
5: Notifiy me or admin when complete
Am I asking the impossible ?
Any help would be appreciated.
(Please forgive any misunderstanding of terminology or description in your replies, I really AM new to Sharepoint !)
DocRead is a full featured software and one that stores information for your Auditor in an easy to read mode also. It generates receipts that can act as proof for your Auditors.
What you are trying to do is possible, but honestly with a lot of headache and improvement iterations. Also these customization will be hard to move from Dev – Stage – Prod.
In shot – No you are no thinking impossible. Definitely do-able, however the time and maintenance overhead for putting such a complex solution in SP is not worth it in my personal opinion.
Unless you have Devs and Power Users sitting idle ready to give 20-50% to this project it might never succeed.
Keeping an Audit Trail will be another challenge and securing it for any kind of tampering another ! It is GDPR compliance you are talking about here at the end of the day.
I know it sounds all scary – but it is the reality of custom route you want to take right now. Be on top of those things, understand the underlying risks and then yes! – you can make it possible with out of the box features and maybe a bit of VS code here and there.
I’m the founder of the community (and we also develop DocRead). You can do this with normal workflow but it will require a chunk of custom dev + configuration.
I wrote an article about how DocRead differs from Workflow here : ‘How does DocRead differ from Workflow?‘. It will provide some tips on what you need to think about.
How will you identify the users who need to receive the GDPR document and also if it changes how do you keep track of who has read which version?
Hi Karl, you are going to be limited if you only want to use OOB functionality. Things you will need to consider (and some of them not easily achievable OOB) are:
1) You will want to notify the users that they need to read a document not only when the document is created or changes (which can be done via a workflow) but also when a new user is added to the group of users that is required to read that document.
2) What happens when a user leaves a group that was assigned to a document. Do you still want to force him to read the document that was assigned to the group (if he hasn’t already done so)?
3) If the user left a group that was assigned to a document but did not read the document do you need to record and log this for audit purposes (may be useful to know if you have an audit later)?
4) If you just made a minor change to the document (e.g. fixed a spelling mistake) that causes a version change, do you want to force all users to re-read the document ( you may end up with a lot of angry users )?
5) You will need to ensure that all audit information is stored securely somewhere (where it cannot be changed) so an SP list may not be the best location for it (you will undoubtedly need to be able to prove that the information was kept in a secure location where it cannot be tampered with ).
6) you will need to expose all the audit information in a user-friendly way so that managers can easily keep track of non-compliant users.
I’m sure there are quite a few more scenarios that I cannot think off right now but that should give you an idea of the kind of scenarios you may need cover.
Hope this helps.