What is the appropriate method for ensuring selected staff can access certain private Service Delivery records?

Creating a criteria-based sharing rule for specific records is an effective method for ensuring that selected staff can access certain private Service Delivery records. This approach allows you to define specific criteria that determine which records should be shared and with whom. For instance, if the records are sensitive or context-specific, such as relating to particular service users, the criteria can be tailored to fit those unique needs—such as sharing records based on ownership, case type, or other relevant factors.

This method provides granularity in access control, meaning only the staff who meet the set criteria will gain access to the specific records. It also helps maintain overall data privacy by not exposing all records to a broader audience, unlike broader methods of sharing.

On the other hand, simply assigning a new profile would grant a wider set of access permissions than might be necessary. Changing default sharing settings to Public Read/Write would dramatically increase exposure across the board, compromising data security. Updating a Permission Set could potentially help with access, but might not be as effective as a targeted sharing rule for the specific records needed, which is where criteria-based sharing excels.