Crisisworks Release 4.16

June 12 2018

This release contains the first stage of work towards the Crisisworks Single Sign-in, Crisisworks ID Project.

The end goal of the project is to allow users to use a single account to login to multiple Crisisworks sites (once access is granted) including VPR.

This update includes changes to user profile settings, making users compatible with the new authentication technology.

User Account Updates

The key changes to user accounts are:

• every existing and new user account must now have an email address, and

• email addresses must be unique, and the same email address cannot be shared between user accounts on the same Crisisworks site

User Deactivation

Additionally, in 4.16 includes a new account security feature, that deactivates inactive accounts that have not been used for more than 24 months. 

A user will be sent a deactivation email notification 30 days prior to the 24 month period, asking them to log in an update their user profile details. Seven days prior to deactivation, if the user has not logged in, they are sent a final reminder. If the user still does not log in, their account will become inactive on the 24 month. In the future this 24 month period may be reduced for some or all sites.

Site ‘Full Access Administrators’ will be sent a summary notification when users receive the 30-day warning, and again if the account is deactivated.

Non-compliant User Accounts

As part of this update, we are reviewing existing Crisisworks user account in preparation for these changes so they comply with the new user account requirements. Non-compliant user accounts will need to be made compatible by Crisisworks administrators.

An additional automated notification will be sent to 'Full Access Administrators’ listing user accounts that do not comply with the new restrictions, that is, users that do not have an email address and users who do not have a unique email address.

More information about these changes can be found on the following Support Page.