Summary

Add a dedicated and permanent audit/history log for Employee User Role assignments and permission changes within OnLocation, similar to the visibility currently available for Contractor Organisation Role Type updates.

At the moment, administrators can only track Employee User Role changes through the Data Audit logs, which are limited to a 30-day retention period. After this period, the history is no longer visible, making it difficult to trace older permission changes or investigate access-related concerns.

Current Limitation

Currently:

Employee User Role changes can only be checked through Data Audit
Data Audit history expires after 30 days

There is no dedicated long-term history or tracking specifically for User Role assignments

No easy visibility into:
who assigned the role
when the role was assigned
what role was changed
previous vs updated role permissions

This differs from Contractor Organisation Role Types, where administrators have clearer visibility and historical tracking when updates are made.

Proposed Enhancement

Introduce a dedicated audit log/history tracking feature for Employee User Roles that records:

Administrator/user who made the change
Employee affected
User Role assigned, removed, or updated
Date and timestamp of the change
Previous role vs updated role
Location/site associated with the change
Optional notes/reason for change

This history should remain accessible beyond the current 30-day Data Audit retention period.

Benefits
Improved Security & Accountability

Provides a clear audit trail for permission-related changes, especially for elevated administrative roles.

Better Visibility for Large Organisations

Helpful for organisations with:

Multiple administrators
Multiple locations/sites
Shared management responsibilities
High employee volumes
Easier Troubleshooting & Investigations

Allows teams to quickly identify:

Who granted access
Why permissions changed
When the update occurred
Who to contact regarding unexpected role assignments
Consistency Across OnLocation

Creates consistency between Employee User Role tracking and existing Contractor Organisation Role Type history visibility already available in the platform.

Example Use Case

An employee suddenly gains access to sensitive settings or modules months after onboarding. Since Data Audit only retains 30 days of history, administrators are unable to determine:

who granted the role,
when it happened,
or whether it was intentional.

With permanent role assignment history, administrators could quickly review the full audit trail and maintain stronger governance and compliance controls across the organisation.

Reference: 07154993