@DonkeyBot one thing you could do is create a Suitelet that exposes the record, set it to execute as a role that has the permissions and make it available on employee center.