You are here:
Control Who Sees What with Compliant Data Sharing
Compliant Data Sharing is an addition that Salesforce offers for sharing data.
Required Editions
| Available in: Lightning Experience |
| Available in: Professional, Enterprise, and Unlimited Editions in Financial Services Cloud |
| Available in: Enterprise, Unlimited, and Developer Editions with Nonprofit Cloud |
| Available in: Enterprise, Performance, Unlimited, and Developer Editions with Public Sector Solutions |
Compliant Data Sharing works with other Salesforce data sharing features.
When a user or a participant group is assigned as a participant for a record, a junction object is created. However, share table entries are only created when the associated participant role’s access level is greater than the org-wide default for the parent object. Changes to org-wide defaults for the parent object also affect share table entries for existing participant junction objects.
For example, the org-wide sharing setting for Account and Contact is Public Read/Write. You assign Hana Singh as a participant to the Smith Corporation with the Inside Rep role that has Read/Write access. An account participant record is created that connects Hana Singh as an Inside Rep for the Smith Corporation. The Inside Rep role’s access is equal to the org-wide default access for the Account object, however, so no sharing table record is created. Change the org-wide default access for Account and Contract to Private, and a share table record is automatically created for the existing junction object. Change the org-wide default access back to Public Read/Write, and the share table entry for the junction object is deleted.
See Also
Who Has Access to Records with Compliant Data Sharing?
Compliant Data Sharing allows record owners the ability to grant access to their records to other users. Users above the record owner in the role hierarchy and non-record owners with edit access granted through Compliant Data Sharing have the same ability as record owners.
Compliant Data Sharing works with other Salesforce data sharing features. When an opportunity record is shared using Compliant Data Sharing, an opportunity participant record is created. It contains:
- The user with the Use Compliant Data Sharing permission or a participant group to be granted access.
- The participant role that defines the level of record access.
To see a list of users who have access to a record and the reason for that access, click the Sharing button on the opportunity detail page in Salesforce Classic. Click Expand List to see all users who have access.
Sharing table records aren’t created for users whose granted access is less than the organization-wide default access. This behavior includes opportunity participants whose participant role grants less access than is available through organization-wide data sharing defaults for the Opportunity object.
Private Opportunities Consideration
You can’t assign opportunity participants to an opportunity set to Private.
If an opportunity record has opportunity participants with associated share table entries, the share table records are deleted when Private is enabled for the opportunity. The opportunity participant records aren’t deleted when Private is enabled for the opportunity. It’s recommended that you manually delete opportunity participants for an opportunity before you enable Private for that opportunity.
If a private opportunity has opportunity participants and Private is disabled, share table records aren’t created. To grant access to existing opportunity participants, delete and recreate the opportunity participant records.
