DISCO is pleased to announce its latest user permissions improvement, tag permissions. Now administrators can choose to provide users with management, editorial, or view-only access to each tag group or to individual tags. Use this feature to lock down tagging decisions once review is complete, or create special purpose tags available to only specific users.
To access the new tag permissions, in the main menu, click Users & Roles.
Users & Roles page is where administrators can add new users and assign them one of DISCO's three standard roles (Admin, Reviewer, or Restricted Reviewer) or create a custom role. Notice the upgraded interface when you click the Roles tab. Under Feature Permissions, you will still be able choose which features each role will have access to, however, we have now added a new section called Work Product Permissions. Expand Work Product Permissions to view two new permission areas: Tags and Fields, folders, notes, and redactions.
Fields, folders, notes, and redactions allows you to add and remove edit permissions for each of these features.
- View is always enabled for all roles and provides users with the right to see if there is any information for that feature for a specific document.
- Edit provides users with the right to use each feature for a specific document.
Expand the Tags section to set permissions on tag groups or individual tags.
Next to each tag group name you will see a dropdown that allows you to set permissions for that tag group. Those permissions include:
- None – Users will not have any access to the tag group, including being unable to view any tags within the group
- View – Users can view tags within this group
- Edit – Users can add tags to this tag group and control color, order, and group name
- Manage – Users will be able to delete this tag group
In addition, you can set additional permissions on individual tags within a tag group. Those permissions include:
- View – Users can view when the tag has been applied to a document
- Edit – Users can apply or remove the tag to or from a document
- Manage – Users can delete, reorder, and edit the shortcut for the tag
Under each tag group will be a New tags row. Here you can set the permissions for any new tag created within that group. If you are worried about the wrong permissions being applied to a newly created tag, you can uncheck all the boxes. In the example below, a user in this role would be able to view all existing tags within the tag group and would be able to add and remove the existing tags. However, they would not have any rights to any new tags created under this group.
In addition to setting permissions for tags yet to be created within an existing tag group, you can set default permissions for any new tag groups that have yet to be created. Please keep in mind that you can update a custom role’s access to any tag or group at any time.
To better understand tag permissions, let’s walk through an example case. As the administrator, you have created all your required tags. In addition to standard tag groups, such as Responsiveness and Privilege, you have created a group named Information and another named Admin. The Information group will be used to alert attorneys about the current status of a document, such as if it's being reviewed by outside counsel or was produced. While the attorneys need to see to which documents these tags have been applied, they will not need to add or remove these tags to/from any documents. You have set up the Admin tag group to allow you to prepare documents for QC and production purposes. Only other administrators and yourself will need access to this group.
Let’s say you have been asked to create a new role called Staff Attorney. You can start by either creating a new custom role from scratch or by copying an existing role.
Next, you will name your new role and set the feature permissions by selecting and deselecting the checkboxes to the left of each feature name. If you have any questions about the implications of adding or removing a feature, look for and hover or the i icon for explanations.
Once your feature permissions selections are complete, you can move onto Work Product decision. (Note that Fields, folders, notes, and redactions will default to Edit rights.) Once you have finalized the Work Product decisions, you are ready to focus on tags.
For your example case, your staff attorneys will need the following permissions:
- The ability to view, add, and remove tags within the Responsiveness, Privilege, Confidentiality, and Information groups without the ability to add new tags to the groups or modified existing tags. This can be done with View access to the group.
- The ability to create new tags and reorder as needed within the Important and Issue tag groups. This can be accomplished by providing the staff attorneys with Edit access.
- The users in this role do not need any access to the Admin group, so you update that group permission to None.
In addition, this role does not require the ability to delete, reorder, or edit shortcuts for the tags outside of those within the Important and Issue groups. Therefore, you can remove the ability to manage from all the individual tags. Note that by clicking the checkmark to the right of Manage at the top of the Tag Permissions area you can bulk remove the Manage ability from all individual tags.
Since the Information tag group is for reference purposes, you can remove Edit abilities from that tag group as well. Once you have finished updating your tag permissions, click Save and your new role with advanced tag permissions will be created and look similar to the picture below.
For the users who have been assigned the Staff Attorney role, tagging will look like this. When a staff attorney views a document in the document viewer, the tag pane will only contain tags they have the ability to add or remove to or from the document they are viewing. They will be able to select any of the tags they see by either clicking on the tag name or using the tag’s assigned keyboard shortcut.
Since they have been provided edit access to the Important and Issue groups, the staff attorneys will be able to create new tags on the fly by typing in the tag pane. Once they have created a new tag (in this case, ISSUE D) they can select to associate the new tag with a tag group in which they have Edit rights and click Create and apply tag to create the new tag.
If the user’s role did not have Edit rights to any tag group and they attempted to create a new tag on the fly (in this case ISSUE A), they would not be able to associate the tag with a tag group (as seen below). Since the creation of a new tag is dependent on associating it with a tag group, the user would not be able to create the tag and apply it to the current document.
For tags to which the Staff Attorney role only has View access, they would see the tags listed in the VIEW-ONLY TAGS area in the tag pane in the document viewer.
Since you have provided the staff attorneys with the ability to edit tags within the two existing tag groups, they will be able to access the tag management feature. For the groups to which they have Edit rights, they will be able to add new tags, move a tag to another group they have Edit rights to, and update keyboard shortcuts. However, they will only be able to delete tags if they have been given Manage permissions.
For tag groups in which staff attorneys do not have Edit rights, they will not be able to add, move, or update tags. Finally, for groups such as Admin, for which the Staff Attorney role was given no permissions, they will not be able to see the tag group or underlying tags at all.
Tag permissions will carry through to viewing and applying tags in DISCO. Let’s say there are six documents tagged Prod001 from the Admin group. When logged in to a database as an administrator, you can see all the tags that have the PROD001 tag in the search filters.
However, if when the staff attorney logs in, they cannot see any of the tags from the Admin group in search filters. The Admin group tags will also NOT be displayed in Search Builder.
While restricted tags applied to documents will not be visible to users who do not have permissions to them, if a restricted user were to run a search such as tag(!), their results would include documents that contain the restricted tags. Furthermore, they will be able to see the total tags applied to each document in the TAG COUNT column in the document list view. However, if they hover over the tag icon or include the Applied Tags field in their custom view, they will not be able to see the names of the restricted tags.
As an administrator, you will need to create Review Stages for your team. In this case, if a Review Stage requires the ability to add or remove or view tags to which the staff attorney does not have adequate permissions, DISCO will alert you that the assigned reviewer does not have access to the necessary tags. Furthermore, it is also important to note that if you provide reviewers with access to Redactions and Notes in a Review Stage, that will override any restrictions that might have been placed on the reviewers due to their role assignments.
For more information, see Creating custom permissions and Custom columns.
This feature is available in all databases created on or after November 14, 2017.