FEATURE · ACCESS CONTROL

Your subcontractor’s compliance is your liability.

When you hire an external company onto your floor, their compliance lands on you the day the inspector walks in. Their workers train inside your platform and their results show in your dashboard — who passed, who’s expiring, who’s overdue — while they never see your internal staff data. Nobody reaches across a boundary they weren’t given: per-tenant isolation by default keeps multi-entity and partner training cleanly walled, and people only ever see the screens their role grants.

See it in action →
PER-TENANT ISOLATION · SUBCONTRACTOR COMPLIANCE · ROLE-SCOPED VIEWS
How it works
1
You
Add a subcontractor (isolated tenant)
Every entity, partner and subcontractor gets its own walled space — isolated by default, nothing shared by accident.
2
Their crew
Their workers train inside your platform
The subcontractor’s people complete site-induction courses in your environment — without ever seeing your internal staff.
3
You
Their results land in your dashboard
Who passed, who’s expiring, who’s overdue — the partner’s compliance shows next to your own, in one ledger.
4
Everyone
People only see the screens their role grants
A role scopes each person to their own data. Nobody reaches across a boundary they weren’t given.
Isolated by default · their compliance → your dashboard
Per-tenant
Isolation by default
1 dashboard
Staff + subcontractors
0
Access to your staff data
Role-scoped
Only their screens
The problem

Their compliance, your liability.

Every site that runs on contractors and partners hits the same wall:

Our subcontractor’s compliance is our liability, but their training happens outside our view.
EHS Director
We can’t prove a contractor’s crew was trained before they stepped on site.
Site Safety Lead
Onboarding a new partner company into our system is a manual mess.
Operations Manager
Access control · the right people see the right records

Their compliance in. Your staff data walled off.

You don’t chase a subcontractor for certificates or trust a boundary you can’t see. Their crew trains inside your platform and their results land in your dashboard — while per-tenant isolation keeps your internal staff invisible to them, and every person sees only the screens their role grants.

01Subcontractors

Their crew trains here. You hold the proof.

When an external company works on your floor, their compliance is on you the moment the inspector arrives. So their workers complete site-induction training inside your platform, and their results show in your dashboard — who passed, who’s expiring, who’s overdue — right next to your own staff. The wall only holds one way: you get their records, they get nothing of yours.

  • Their results in your dashboard. Pass, expiring, overdue — the subcontractor’s compliance reads straight off your own screen, not a PDF they email you.
  • One ledger when the inspector arrives. Your staff and your subcontractors in a single compliance report — one workforce, not yours plus theirs in two spreadsheets.
  • They never see your staff data. The subcontractor reads their own people and nothing else. Your internal staff stay invisible to them, by default and without exception.
  • Every record names the company. The subcontractor company is stamped on each row, so the proof of who was trained stays clean for the auditor.
talented.ai/org/compliance · staff + subcontractors Compliance SUBCONTRACTORS COMPLIANCE COMPANY WORKERS COMPLIANCE Ironside Welding 5 84% ALL COMPLIANCE RECORDS LEARNER COURSE SUBCONTRACTOR STATUS Hannah Bennett Lockout/Tagout Fundamentals - Compliant Lauren Hamilton Confined Space Entry - Compliant Tom Russo WHMIS 2015 Ironside Welding Expiring Lisa Park Fall Protection Ironside Welding Compliant Kyle MacLeod Workplace Ergonomics - Compliant YOUR STAFF AND YOUR SUBCONTRACTORS IN ONE LEDGER · THEY NEVER SEE YOUR STAFF EXPORT CSV
02Proof before the gate

Confirm the whole crew is trained before they arrive.

You shouldn’t find out a contractor’s crew was untrained after they’re already on the floor. Because their workers train inside your platform, an EHS manager can open one screen and confirm every name on the crew is compliant before the gate — not chase a stack of certificates the morning of, and not take the contractor’s word for it.

  • A clear before-site gate. Every worker on the crew shows compliant, expiring, or not started — so you know who can step on site and who can’t.
  • The whole crew at a glance. One roster for the contractor company, not a separate certificate hunt per person.
  • Proof, not their word. Because they trained here, the record is yours — verifiable on your screen, not a PDF they assembled.
  • Expiring before it lapses. A worker about to fall out of compliance flags ahead of the visit, while there’s still time to fix it.
talented.ai/org/contractors/ironside-welding BEFORE-SITE CHECK · IRONSIDE WELDING Is the crew clear to arrive? 4 / 5 CLEAR 1 expiring before gate WORKER SITE INDUCTION EXPIRES GATE Tom Russo Site Induction · Done in 6 days EXPIRING Lisa Park Site Induction · Done 90 days CLEAR D. Okafor Site Induction · Done 88 days CLEAR M. Haddad Site Induction · Done 102 days CLEAR J. Whitlock Site Induction · Done 71 days CLEAR CONFIRMED BEFORE THEY STEP ON SITE ✓ CLEAR CREW FOR SITE 4 ready · 1 to renew first Renew Tom Russo’s induction before the visit and the whole crew clears the gate. ● Proof on your screen · not the contractor’s word
03Access & security

Isolated by default. Scoped by role.

Nobody reaches across a boundary they weren’t given. Each entity, partner and subcontractor lives in its own tenant — per-tenant isolation by default, so multi-entity and partner training stays cleanly walled. And inside a tenant, you don’t hand-pick permissions per person: you give a role, and people only ever see the screens that role grants.

  • Per-tenant isolation, parent roll-up. Every entity, partner and sub is walled off from the start — yet you still get the consolidated view across all of them, while they never see each other or your staff.
  • Roles, not checkboxes. A role carries its own scope. People see only the screens it grants — nothing extra to click into by mistake.
  • Delegated admins, scoped to their slice. A super admin at the top; sub-admins scoped to a single plant, department or subcontractor — sub-tenants shaped to however your org is structured, each seeing only their part.
  • Enterprise identity, connected. Single sign-on (SAML/OIDC), SCIM auto-provisioning, and attribute-based scoping by site, department or shift — your directory drives access, no separate user list to maintain.
  • Multi-factor authentication, built in. Native MFA, password rules and session timeouts — no separate identity provider required.
  • Access reviewed, not assumed. Every six months the platform prompts owners to recertify who can see what — privilege creep caught, every change logged.
talented.ai/org/access · tenants & roles PER-TENANT ISOLATION · WALLED BY DEFAULT Main Division 52 staff · own data ⊘ OTHERS INVISIBLE Ironside Welding Subcontractor · 5 workers ⊘ NO STAFF DATA Partner Co. Entity · own catalog ⊘ WALLED TENANT ROLE-SCOPED VIEWS · ONLY THE SCREENS YOUR ROLE GRANTS TENANT ADMIN SITE MANAGER LEARNER Whole-tenant compliance Their own site only Edit catalog & assignments own site Own courses & certificates SET THE ROLE ONCE A site manager gets a role-scoped view of only their site’s compliance — not the whole company’s.
Before / after

Their word for it. Or proof on your screen.

The same contractors and partners, two very different ways to carry their compliance.

Today

Compliance you can’t see

  • ×A subcontractor’s training happens outside your view — but the liability is yours.
  • ×No way to prove a crew was trained before they stepped on site.
  • ×Onboarding a new partner company is a manual mess of spreadsheets and emails.
  • ×Shared logins and open data — anyone can drift into records that aren’t theirs.
With TalentED

Their proof in your dashboard

  • The subcontractor’s crew trains here; their results land in your dashboard.
  • Confirm the whole crew is compliant before the gate — on your screen, not their word.
  • A new partner spins up as an isolated tenant — no manual mess.
  • Per-tenant isolation by default; people see only the screens their role grants.
Use cases

One platform. Clean boundaries.

What walled tenants and role-scoped access look like across different teams:

General Contractor

Each crew trains, the General contractor holds the proof

A General contractor has each subcontractor crew complete site-induction training inside the platform, with results in the General contractor’s dashboard and no access to internal staff data.

EHS Manager

Cleared before the gate

An EHS manager confirms a contractor’s whole crew is trained and compliant before they arrive on site.

Site Manager

Only their site, nothing more

A site manager gets a role-scoped view of only their site’s compliance, not the whole company’s.

Safety Lead

Visitors cleared at the gate too

A visitor or delivery driver completes a short safety orientation before the gate — the same proof-before-entry that covers a contractor crew, applied to anyone stepping on site.

Plant HR

Agency workers, verified first

Temp and staffing-agency workers train and show compliant before they reach the floor — onboarded as their own walled group, with no access to internal staff data.

Safety Officer

Only the certified do the hazardous work

Confined space, hot work, working at heights — only workers cleared for that certification show as authorized, so the permit goes to someone actually qualified.

Their compliance in. Your boundaries held.

The liability for a subcontractor’s crew is already yours — so their training belongs on your platform, their results in your dashboard, and your internal staff walled off where they can’t reach. Per-tenant isolation by default, role-scoped views, and proof before the gate. No shared logins, no boundary you can’t see.

01 Subcontractor compliance 02 Proof before the gate 03 Per-tenant isolation 04 Role-scoped views 05 One ledger, one workforce
Wired to the rest of the platform

Who sees what touches every surface on the platform.

Access control is the boundary under everything else. From walled tenants and role scopes, the rest of the platform inherits who may see a course, who lands in a compliance report, and who shows up on a dashboard.

COMPLIANCE

Subcontractors in your ledger

Their compliance lands in your report, scoped to your site — one workforce, not two spreadsheets.
MULTI-SITE ROLLOUT

A tenant per entity

Every site and partner rolls out as its own walled tenant, isolated by default.
SMART ASSIGNMENT

Scoped enrollment

A role’s scope decides which crews and courses an assignment rule can ever touch.
ANALYTICS

Role-scoped dashboards

A site manager sees their site; the tenant admin sees the whole tenant.
Who this matters most for

Every role and rooftop, only what they should see

AUTOMOTIVE DEALERSHIPS

Automotive Dealerships

Each rooftop sees its own training and data, with SSO and the right access for every role.
FINANCIAL & PROFESSIONAL

Financial & Professional Services

Each branch keeps its own staff data isolated, with SSO and role-based access for tellers, advisors, and back-office staff.
EDUCATION & CHILDCARE

Education & Childcare

Each center keeps its own staff data isolated, with role-based access for directors, teachers, and aides.
RETAIL

Retail

Each store and region sees only its own training and reporting, with SSO and role-based permissions.

Show us your org chart.

“Excellence is teachable.”

Bring your entities, partners and subcontractors. Give us twenty minutes and we’ll map the walled tenants and role scopes for your real teams — and show their compliance landing in your dashboard, live on the call.

See it in action →