One of the things that makes cloud-based systems like cuForms different to old-style IT systems is that new features are being added all the time, rather than once a year or so.
At cuForms, we release new features every month – you can find a summary of these releases here in the manual.
From now on, we’ll highlight major improvements in this blog – please do post comments below, including requests for new features.
Because cuForms holds personal data about your members and applicants, it’s important that it’s kept secure – so we make sure we keep up with best practice in system security.
Two-factor authentication reduces the risk of an intruder accessing the system by obtaining or guessing the password of one of your users. In future, each time you login to cuForms from a computer you haven’t used before, the system will send a 6-digit “one time security code” to your registered email address, and you’ll need to enter that code to login. If you’re logging in from a computer you trust, you can check the “Trust this computer” box, and the system will store a cookie on your computer so you won’t be asked for a security code again in future.
If any of your users don’t receive their security code email, the code is also shown on the User Management screen.
Data retention rules
It’s important that personal data isn’t held on any system longer than needed – in fact it’s the law… the Data Protection Act says that personal data “shall not be kept for longer than is necessary”.
To help you manage the personal data you hold, we’ve introduce automated data retention rules. We’ve set some default rules, which we think meet the requirements of the Data Protection Act, but you can set your own rules if you wish.
You can set different rules for each form you publish. There’s a new Data Retention Rules option in EDIT FORM SUMMARY, which gives you four choices:
- Retain indefinitely: this is the default setting, and means that no data collected on this form will ever be deleted. You should only use this setting for forms that contain no personal data.
- Credit application – redact, purge and archive: our advice is that unsuccessful credit applications (and all credit and ID&V search information) should be deleted after 3 months, and that successful credit applications should be deleted after 18 months. However, to allow you to analyse your decision making over time, we don’t delete these records completely – instead we delete just the personal data, and save these “redacted” records in an archive so you can review them in future. The redacted records will still keep the year from DOB and the first part of the postcode so you can carry out demographic analysis.
- Misc form – purge without archive – short retention period: data in these forms will be deleted completely after 3 months
- Misc form – purge without archive – long retention period: data in these forms will be deleted completely after 18 months
If you want to choose different retention periods than our defaults of 3 and 18 months, you can set these values in Account Administration.
Include existing balances
If existing borrowers take out additional borrowing, which you combine into a single new loan, you can now take account of this by adding an admin field with LIB=loan_current_balance. The new borrowing should be marked LIB=loan_new_amount, and you need to set a new hidden field for LIB=loan_amount, which will be set to the sum of the existing and new borrowing for affordability and interest calculations.
Please get in touch if you need help with any of the new features listed above.