Skip to main content
Subject Security in Results Reports

#ETO #Security #Results

Updated over a year ago

When creating reports in ETO Results using Standard Universes, subjects (Participants or Entities) may appear differently for each User reporting role.
​See also: Data Security and Reporting Roles

The User's reporting role plays a part in what data a User will see in a report. There are only 3 reporting roles available in ETO. The User role and the reporting role can be different. Generally speaking, Enterprise managers will have an Enterprise manager reporting role, Site managers will have a Site manager reporting role, and department heads and below (Program managers, Staff, etc.) will have a Staff level reporting role.

  • Enterprise Managers: can see all subjects within the Enterprise (all Sites and Programs)

  • Site Managers: can see all subjects with enrollments within the Site they have access to

  • Staff: can see all subjects with enrollments in any Programs they have access to

However, in Universes that are subject-based, Users will be able to see data such as enrollment information for any Participant/Entity that they have previously had access to in ETO. For example, if a Staff level User (with Staff level reporting role) has access to an Intake Program and Joe Smith was enrolled in Intake for 2 days and then dismissed, the Staff level User would be able to see Joe's enrollments in other Programs when opening a report using a subject-based Universe.

Subject-based Universes are Universes that are anchored on a subject. Examples include Standard Participant Universe (the Participant is the anchor) and Standard Entity Universe (the Entity is the anchor), as well as custom (User created) Universes.

As an example, Joe Smith has been enrolled in 2 Programs in a Site. He has been dismissed from one Program, but remains active in the other Program.

As a Site manager reporting role, I can see the following data in reporting:

Which also reflects the data I can see within the UI of ETO:

As a Staff level reporting role, who has access to the Parks and Recreation Department Program, but does not have access to the Pawnee Rangers Program, I can see the following data in reporting:

Which also reflects the data I can see within the UI of ETO:

Because the Staff level User has had access to Joe at one point, the report does not exclude the User from seeing Joe's data in reporting.
​
​If a Staff level User who did not have access to either of the Programs that Joe has been enrolled in within the Site viewed the report, Joe would be excluded from the report altogether for that User.
​
If you want to limit the data a User has access to within reporting to only the Programs they have access to, you can create a re-query that pulls Program name from a Program-based Universe (Standard Programs Universe). To re-query for Program name, follow the steps in this article.

After the re-query is set up, if a User with a Staff level reporting role opens the same report, they would only see data pertaining to the Program they currently have access to:

Did this answer your question?