Skip to content

Protect sensitive data

Best practices for protecting sensitive information

Never store sensitive data directly in Tallyfy - keep it in your secure systems and link to it instead. This protects confidential information while letting your workflows reference what they need.

Got workflows that handle Social Security numbers, credit card details, or patient records? Here’s the thing: you can’t just drop that sensitive info into task descriptions or form fields. That’s asking for trouble.

Recommendations for handling sensitive data

Here’s what actually works:

  1. Store sensitive data securely outside Tallyfy: Your confidential info belongs in dedicated secure systems - think encrypted databases, your existing HR platform, or that specialized finance software you’re already using. These systems have the access controls you need.
  2. Limit access: Only authorized users should touch the secure system where your data lives. Period.
  3. Don’t put sensitive data directly in Tallyfy: This one’s critical. Never type or paste sensitive details into Tallyfy task names, descriptions, or form fields. Not even once.
  4. Link securely: Here’s the smart move - add secure links in your Tallyfy task descriptions that point to where the data actually lives.

Simple, right?

Let me walk you through this (it takes maybe 2 minutes):

  1. First, make sure your sensitive info is already stored securely in your other system. Don’t skip this step.
  2. Grab a secure link (URL) that lets authorized users access that specific data. Most systems can generate these.
  3. Open the Tallyfy task where you need to reference this data.
  4. In the task description, explain what the data is and add your secure link. Something like: “Review the customer’s credit application here: [secure link]”
  5. Save the task description.

Done. Your workflow can now reference the sensitive info it needs without actually storing it in Tallyfy. The data stays safe in your secure system, and your team can still access it when they need to.

Collecting sensitive documents securely

Need to collect sensitive documents from clients or external users? Use file request links from your document management system. This approach lets people upload directly to your secure DMS without the files ever passing through Tallyfy. Perfect for law firms, healthcare providers, and financial services where compliance matters.

Document Management > File request links

File request links enable secure document collection from external users by generating unique upload URLs that allow anyone to submit files directly to your document management system without requiring account access or system permissions.

Integrations > Document management

Tallyfy can integrate with existing document management systems to handle workflow orchestration while maintaining your current security protocols and document storage solutions.

Terms Legals > Tallyfy's privacy policy

Tallyfy’s privacy policy and security documentation can be accessed through dedicated web pages that outline data collection practices protection measures and compliance standards.

Miscellaneous > File storage and security

Tallyfy stores files securely in Amazon S3 with plan-based storage limits and recommends using external cloud storage solutions like SharePoint or Google Drive for advanced document management while linking files within workflows to optimize storage allocation and meet organizational compliance requirements.