Only users with both Edit and Encrypt rights can add and edit data in an encrypted field. These users will see a lock icon next to the field (even if there is no data):
To view or enter data, the lock icon needs to be clicked. This will either reveal the data that has been entered or allow for entering of data. If a user has View and Encrypt rights, they can click on this icon to view the data, but they cannot edit it.
The users without Encrypt rights will not be able to access the data at all:
Filtering records by data values
For encrypted fields, data search is restricted to exact match only. Fields using option groups can only be searched by option group value. The records that match the search criteria for the encrypted fields will only be shown to the users with Encrypt rights for the institute where the record was created.
Export and import of encrypted data
To export encrypted data, you need View, Export, and Encrypt rights. When exporting data, the option 'Exclude encrypted values' is set by default to Yes. To export the encrypted data as well, set this to No. Users who do not have Encrypt rights will see *encrypted* in the export.
To import data into encrypted fields, the user needs to have View, Import and Encrypt rights. Otherwise the import works the same as normal fields.
The data entered in the audit trail will be marked as *encrypted*.