Recommended way to hide PII for dashboard builders

We would like to create a role/user group who can use our DHIS2 2.37 instance for the purpose of creating dashboards and building reports. Data has been collected using tracker and the Person TEI. In order to build dashboards/reports access to Personal Identifiable data (PII) is not needed. What is the recommended approach to create such role/user, is there one already built in? should we change the sharing settings at the TEI level or the Data Element level, or create a Data Set specific for this purpose and manage access there, any other ideas?

Thank you,


If the role of the user is very specific then it is easy to choose what to share and what not to share; however, the complexity is that making sure that sharing settings are configured properly through out for all users (or group of users) and not just one user. It also means that when a user has limited access there needs to be an effort to ‘keep’ sharing the objects whenever they are created.

Sharing can be at the Metadata level and at the Data level which means that a person who develops a program doesn’t need to access the Data level or that a person who only needs to enter data doesn’t need to access the Metadata level to make changes.

To answer your question in simple words, if a person doesn’t have access to the data level they could still view program indicators shared to them in an item created by one of the analytics apps which means they will be able to access the dashboard as well as add that item to the dashboard.

I recommend going through the docs explaining the sharing of objects in more details

As for the recommended approach, yes there are some general recommendations; however, it needs to go through the system designer as each system will have its unique requirements. Here’s a nice reference from the docs: Users, Roles and Groups - DHIS2 Documentation – see table