Applying a Data Sensitivity Category to the role will determine whether the user has access to the list of objects that have been restricted using this approach:
Dashboards layouts
Document types
Production reports
User reports (system and company level)
User report types
Granting or Denying access to a Data Sensitivity Category is administered at a role level on the Advanced Data Restrictions tab on the Security Role Maintenance screen. Objects which do not have a data sensitivity category assigned to them, will be visible to users whether the Default Access Type field shows <Grant> or <Deny>.
To control the visibility of objects where the Data Sensitivity category is applied, select click [New] to add a new Exception. Select from the Data Sensitivity Category drop down list and press [Save]. Note: The Data Sensitivity list can be modified using the Lookup Maintenance screen.
If <Grant> is selected within the Default Access Type dropdown, Exceptions set with that chosen Data Sensitivity Category will not be seen by users. Otherwise all other Data Types can be seen by users.
If <Deny> is selected within the Default Access Type dropdown, Exceptions that are set with ONLY that Data Sensitivity Category will be seen by users. Otherwise all other Data Types WILL NOT be seen by users.
In the below example, a user assigned to this security role will not be able to see objects with any of the assigned Data Sensitivity Category values except for the value of Testing Category.
