Vocalize - Setting Data Restrictions | Qualtrics

Data Restrictions

When sharing a dashboard, you can choose to limit data by user or role. Any user or role with whom the dashboard is shared will be able to view the dashboard with the restrictions you choose. These restrictions will apply to all widgets and pages. Note that you are only able to restrict the data that individuals can access and not specific pages of the dashboard.

Restrictions based on Survey Data

  1. Share your dashboard to a user or user role with View-only access selected.
    Data Restrictions - 1

    Qtip: You cannot restrict data for all users of a dashboard – data must be restricted on a user or role.
  2. Click on the Add Data option next to the individual’s name (if a data restriction is already in place, the data restriction will display instead of “all data”).
    Data Restrictions - 2
  3. Click on Add Restriction button.
    Data Restrictions - 3
  4. Choose any Text Set or Number Set field within your data set.
    Data Restrictions - 4
  5. Select the Is Operator.
    Data Restrictions - 5
  6. Select the values in the dropdown that you want the user to be able to access. (You can select multiple items.)
    Data Restrictions - 6

    Qtip: You can only set static restrictions for values that are currently in your data set.

Restrictions based on User Attributes

  1. Share your dashboard to a user with View-only or Export access.
    Data Restrictions - 1
  2. Click on the Add Data option next to the individual’s name (if a data restriction is already in place, the data restriction will display instead of “all data”).
    Data Restrictions - 2
  3. Click on Add Restriction in the pop-up window.
    Data Restrictions - 3
  4. Choose any Text Set or Number Set field within your data set.
    Data Restrictions - 4
  5. Select the Matches User Attribute operator.
    Data Restrictions - 7
  6. Select the values for the dropdown that you want the user to be able to access.
    Data Restrictions - 8

User attribute data restrictions are commonly used with SSO logins to use your already existing hierarchy to limit access to data. For example, an SSO login system could store an attribute called “StoreID” with each user’s store ID. If the store ID is also present in your dashboard data, you could restrict based on the store ID found in the User Attribute. The field and SSO attribute names don’t need to match, but their values do.

This is particularly useful when using both User Roles and Attributes. By sharing with a User Role, then limiting the data by a User Attribute, each user will only see the data that matches their User Attributes. This allows you to share the dashboard with hundreds of individuals with just a few clicks rather than having to collaborate with every user individually. Your users must have User Attributes set for this to work.

Allow Rollup Data

Allow Rollup Data allows users to view all of the aggregate data but will restrict data filtering according to the data restrictions. For example, a data restriction for “Region is West” with rollup data would allow a user to see the aggregate data across all regions but the user would not be able to filter the data down to the Eastern region.
Data Restrictions - 9

sub

Restricted User’s View

If you have applied permissions to the user’s role or directly to the user, all data they see will be limited to their data restrictions. They will still see that filters are applied, but the un-editable filters will show in dark gray. The restriction is applied regardless of whether the restricted field is present as a page-level filter or not.

If you have allowed users to see multiple values within a set, they will be able to toggle between these filters. Similarly, if there are other values that are dependent on the restricted value (e.g., multiple restaurants within one state), all values that fall beneath the restricted value will be available.

Restricting Data Individually and for a User Role

An administrator can also set data restrictions for a user on an individual basis and as part of a role.

If a user has restrictions applied to both their user and their role, and the restrictions are on different fields, the user will have access to all data allowed by the union of their restrictions (that is, only the results that match all restrictions).

For example, If the Role “North America” has access to all results from North America and the user is in Role “North America” and also is restricted to Product = Mobile, the user will have permission to view all results that are both from North America and Mobile.

If a user has restrictions applied to both their user and their role, and the restrictions are on the same field, the user’s restrictions will override the role restriction.

For example, if the Role “North America” has access to all North America results and the user is in Role North America and also has been given permission to view results from only Europe, the user will only have permission to view the European results.