Navigating the world of data sharing in the financial services sector can be a daunting task. Strict regulations and company policies require firms to remain compliant while handling and sharing sensitive client data. Salesforce’s Compliant Data Sharing offers a solution that allows organizations to share records, including those containing material non-public information (MNPI), in a compliant and secure manner. This powerful tool is available as part of the Financial Services Cloud.
When is Compliant Data Sharing the right fit for your organization?
Financial services institutions that need more granular control over data sharing than traditional configuration-based sharing can provide should consider Compliant Data Sharing. It is designed for handling sensitive records containing MNPI and other confidential information, as well as those related to investment banking activity or high-net-worth and famous clients. Unlike conventional sharing methods, such as sharing rules and role hierarchy, Compliant Data Sharing provides precise sharing controls for specific users and individual records.
What objects are supported by Compliant Data Sharing?
Beginning with the Summer ’22 release, Compliant Data Sharing supports custom objects alongside two standard objects (Account and Opportunity), as well as Financial Deal, Interaction, and Interaction Summary from the Financial Services Cloud data model.
Does Compliant Data Sharing play nicely with other Salesforce data sharing features?
Seamlessly integrating with existing Salesforce data sharing features, Compliant Data Sharing creates entries in the associated object’s share table, ensuring that the participant’s role access level is less restrictive than the organization-wide default.
What sets Compliant Data Sharing apart from account/opportunity teams?
While account teams and opportunity teams allow Salesforce end-users to grant access to a record by specifying a target member’s user role and access level, Compliant Data Sharing takes a different approach. Instead, end-users simply assign a contextual role to a participant, with data access granted automatically based on the default access level configured for that role. This consistency is maintained throughout the organization.
What happens behind the scenes?
Compliant Data Sharing leverages a combination of declarative configuration and custom objects to manage and monitor shared contextual data. Administrators define participant roles, access levels, and optionally, participant groups. End-users with proper permissions can then assign users with a role as a participant to a record, granting them access based on their assigned role and defined access level.
As first-class objects, Compliant Data Sharing participant tables can utilize standard platform features like validation rules, approval processes, and Salesforce Flow, ensuring that configuration updates adhere to your organization’s business policies.
My compliance and info-sec colleagues are going to need to see who has access; what can I do?
Being able to document and verify who has access to what records is critically important. With Compliant Data Sharing, you can use SOQL to query data from the share table for each object. For instance, if you’re using it in conjunction with Opportunity, you can run a SOQL query on OpportunityShare where RowCause = ‘CompliantDataSharing’. Alternatively, you can export this data using Data Loader and query/report on the data.
Salesforce’s Compliant Data Sharing offers a secure and compliant solution for financial services firms to share sensitive data. For many organizations, Compliant Data Sharing could be an alternative to APEX Sharing for more complex sharing requirements than would be supported with other configuration based sharing.
Has your institution explored or implemented Compliant Data Sharing? Drop us a line and share your thoughts and any tips & tricks!