Administrators might attempt to protect or limit a user's access only to particular Participant records. One example of this may be if an existing Participant later becomes an ETO user as a staff member of your organization; you may wish to restrict access to their own previous Participant data.
Unfortunately, there is not a way to mark a single Participant as "Confidential".
If the old Participant file and associated data can be removed from ETO completely, then Admins can perform a Delete Fake. Change the Participant's name to Fake and click Delete Fakes. This will delete all demographic, Touchpoint, legacy, and associated data for the Participant.
The second option is to implement Caseload restrictions. Users can be given specific caseloads assignments and their access to ETO can be restricted based on their caseload. This requires that Admins build caseloads for users and set caseload restrictions for those users. Once implemented, the user would only be able to access the data of Participants on their caseload.
There are some other creative solutions to this problem.
Some organizations disguise Participant data by changing the name on the record.
Some organizations delete all the enrollment history for the Participant and then restrict access to Find Participants. This ensures that lower level users cannot find Participants in the site who have never been enrolled in a program.
Beyond these options, there is not a way to singularly limit Participant data access. By default, if the user has access to the program where the Participant was enrolled, they have access to the data.