Hope all is well with you.
I am investigating the benefits and drawbacks of one-directional queries directly to a companies payroll database.
To elaborate on the above, at present access to the database is held by the Payroll Team and a few individuals in Finance.
To access the database (maintained by the IT deparment, provided by an external supplier), users utilise the Graphical User Interface (GUI) which achieves the goals however has its limitations when producing regular reports.
It is however possible for a one-directional download of data through querying the database directly which would allow opportunities for improved automated reporting (such as automated Leaver reports or recording aging for GDPR reviews).
From a security perspective, access would be specifically granted to the current trusted users and the queries could only be run by those users. The information output would be largely the same as from the GUI and stored with the same compliance procedures. From a data integrity perspective, both the IT deparment and the software supplier agree there would be no impact on the system and information only flows downhill (no uploading to the database).
What are your thoughts on the matter? I can see the benefits in improved automated reporting on demand, but have not heard of any instances of this before (though I believe in the general direction towards database models and outputs as an industry trend).
Unsure of the GDPR complications - its the same database access but through a different method - so I would assume not an issue as long as the current policing of the database is GDPR compliant.