Many corporate information security standards require that an entity's employees have access only to records that pertain to their own business. Such corporate information security standards help reduce the chances of unauthorized distribution of materials and documents in addition to maintaining privacy concerns of customers and employees of the entity. Entities with large organizational structures may have many different departments with many different employees working within those departments. As such, an employee of the research and development department may have access rights to one set of documents while an employee in the financial department may have access rights to another set of documents.
In businesses with four to five employees, maintaining proper hard coded access rights to documents may be manageable. However, in the situation of a large entity, employees are constantly moving within the entity and the entity frequently changes its organizational structure. In such a situation, hard coded access rights architecture presents a maintenance challenge that is not practical.
Some entities employ an on-line ordering system provided by an outside supplier. However, such a system still fails to control access as required. A suppler only can support providing access by a predetermined structure of predefined and fixed levels. These levels are hard-coded at time of account set-up and do not offer dynamic flexibility as employees move within the entity and/or as the hierarchy of the entity changes.
Therefore, there exists a need in the art for an automated system that tracks the hierarchical movement of an employee with a document access rights system.