Set up Data Sharing Rules - Zoho Desk

Setting up Data Sharing Rules in Modules

The Data Sharing Rules allow admins to define view and access permissions to the organization users for modules such as Tickets, Accounts, Contacts, Patients etc. 

Depending on user profile and their role each person should have varying levels of access to the records. This allows an organization to maintain compliance and security standards. For example, a team lead should be able to view his team members tickets and events for monitoring the progress. 

Data sharing rules provide following benefits:
  1. Enhanced security: Data Sharing Rules help restrict access to sensitive information, ensuring that only authorized personnel can view or modify certain data in a module.

  2. Privacy compliance: They enable organizations to comply with privacy regulations (e.g., GDPR, HIPAA) by controlling access to personal or confidential data.

  3. Customization: Organizations can adjust and set access rules to match their unique workflows and security requirements, preventing data breach and security lapses.

  4. Improved collaboration: Data Sharing Rules strike a balance between security and collaboration, allowing team members to access and work on shared data while maintaining controlled access.
Availability
Info Permission Required
- Administrators have the default access to edit and manage data sharing rules permissions.
- Agents with the "Manage Permissions" privilege under the Administrative Permissions can edit and manage data sharing rules permissions.
Check Feature Availability and Limits

Record and module access using data sharing rules

While setting up data sharing rules, admins can provide users with different levels of access permissions. These permissions are provided at a module level and define how the records are viewed and access by users. For example, a trainee can only view tickets but should not perform any actions. Data sharing allows to select the following access levels:
  • Private: The record owner and their superior can view the record. The admins can also view all the records in a department. For example, with Private access to Tickets module, the ticket owner, their superiors, and the admin have full access to the tickets. 
Notes
Support administrator permission: An edge case
In all modules (standard and custom) including Tickets module even if the access permission is set to Private, the support admins can view all the tickets within a department. The data sharing rule will override the access restriction that is expected to follow based on the role hierarchy.

For example, a support rep who has admin profile will be able to view all the tickets in the department, even if their role hierarchy is as follows: support manager > support rep > trainee. 

This is particularly important considering that admins are involved with monitoring SLA violations, accuracy of resolutions provided to the customer, modifying process workflows, and auditing the service quality parameters. 
  • Public Read-only: Users can only view others' records but cannot modify and delete the records. For example, with Public Read-only access to Tickets module, all support team members can see the tickets, but they can't change or delete them.

  • Public Read/Write/Delete: Other users within the department can view, modify and delete the records. For example, with Public Read/Write/Delete access to Tickets module, any team member can view, update, or close a ticket as needed.
Info
Points to remember
  • By default, all the modules have a Private option.
  • If the Organization-wide permission is set as Public Read/Write/Delete, everyone can access and update all the users’ data. Role Hierarchy will not be applied in this case.
  • If the Organization-wide permission is set as Read Only, everyone can only view the other users' records. In this case, other users cannot modify the owner's records.
  • If the Organizational permission is set as Private, Role Hierarchy can be applied.
  • In the Import History, records that belong to you and your subordinates (if any) will always be shown.
  • All Attachments, Comments, and Time Entries belonging to a record are accessible if you can view that record.
To setup data sharing rules
  1. Go to Setup (  ) > User Management > Data Sharing.
  2. In the Data Sharing Settings page, click Edit Data Sharing.
  3. In the Edit Default Organization Permissions page, update the Access Privilege for modules:
    • Private
    • Public Read Only
    • Public Read/Write/Delete
  4. Click Save.
Notes
Note: The organization-level data sharing permission is not supported for the following modules - Chat, Social, Community, Reports, and Dashboards.