This pilot is designed so that staff can speak honestly without exposing themselves to their organisation. Here is exactly what each role can and cannot see.
Their own journal entries, impulse responses, bookings, wellbeing trends, and any transcripts of their own sessions.
Only the staff assigned to them. They see booking context, session notes they author, and journal entries that the staff member has explicitly chosen to share. They never see organisation-wide data.
Operational data needed to run the pilot: users, bookings, counsellor assignments, audit logs, anonymisation settings. W4D administrators should not casually view private staff content unless operationally necessary.
What organisation HR can see
Anonymised trends, participation percentages, aggregated stressor themes, and programme-level recommendations.
- Individual journal entries
- Individual impulse responses
- Session notes
- Transcripts
- Names of staff who used counselling
- Private reflections
- Risk notes
Speech to text and audio storage
Audio is used only for immediate speech-to-text processing. Audio is not stored. Only text transcripts may be retained. Transcripts are stored in a secured vault and are visible only to the staff member and their assigned counsellor.
All organisation-level metrics are aggregated. No record contains a name, email, or identifier traceable to a specific staff member.
If any filtered group has fewer than the minimum cohort size (default 5), dashboards and reports are suppressed and replaced with a confidentiality message. This prevents re-identification of individuals in small teams.
Escalation and referral boundaries
Counsellors mark urgent risk through the approved escalation pathway. The platform does not auto-disclose risk to HR or the organisation.