When multiple teams collaborate on a single ActivityInfo form, balancing data visibility with privacy can be a major challenge. While record-level rules allow you to control which rows a user sees, field-level permissions let you decide exactly which columns or fields are visible or editable within those records.
This means a single form can serve multiple audiences. For example, you can safely redact sensitive, personally identifiable information (PII) from general project staff while still allowing other teams to view or edit the specific data they need.
We have a lot of roles set up which have “view” only access to the data present in the system. However, our users wanted something similar to word/excel where they could comment on the data present without actually amending the raw data. There isn’t an inbuild comments option in the system so we developed a field to add comments but then granted selective access to those “view” only roles to be able to edit this field (add comments in).
We have rightsholder data in the system which is very locked down (only a select few people have access to that subform). What we had realised that with denying access to that subform meant that users could not see the rightsholder numbers either. So we granted “view” access to an inconsequential field (activity name field or a notes field) in the subform which then led them to be able to view the rightsholder numbers without having access to the rightsholder data itself.
