Background: Currently, all persons who have 'Read' access within any INX module can see the sensitive personal data (in the Person Details tab) for the people they have access for. With greater legislative requirements in relation to the collection, storage and security of personal data (as well as obligations on organisations to be able to report a potential access and/or worse - a breach), organisations need to look at the data being stored. The fields I am referring to are: General: (most are needed, propose that DOB is hidden - only Admins need to see this) Salutation, First Name, Last Name, Lookup Name, Employer, Supervisor, Network Username, Workgroup, Employee ID, Gender, Date of Birth, Mine Health Number Additional Information: (custom fields I thin could be hidden) USI Number (Custom Field - but I think many with InTuition would use it) Work Contact Details: (agree these are needed) Phone, Mobile, Fax, Onsite Contact, Email Emergency Contact Details: (I believe these should all be hidden - unless Admin) Contact Name, Relationship, Home Phone, Mobile, Address, Suburb, State, Post Code Additional Contact Details: (I believe these should all be hidden - unless Admin) Home Phone, Personal Mobile, Home Fax, Offsite Contact, Street Name, Suburb, State, Post Code Request for Change: I am requesting a number of different changes - one or more of these may address, but only for consideration: In the web UI - Hide all Sensitive Data (outside of the General Fields) to non-Administrators; In the web UI - Change the text to only show "xxxxx" where data is recorded for non-Administrators; In adhoc reports - remove the ability to report on 'sensitive fields' (IE modify the existing standard adhoc reports); Separately, I also believe that the data should also be masked in the DB.