Instead of seeing scoped results in searches, lookups, activity timeline, and SOSL, now your users must apply scoping rules to filter records in reports, list views, and SOQL.

Where: This change applies to Lightning Experience in Performance, Unlimited, and Developer editions. Scoping rules are included in Developer editions created after April 2022.

How: Create, edit, or delete scoping rules using the Tooling or Metadata API, or in Salesforce Setup. To apply scope that a scoping rule specifies in SOQL, add USING SCOPE scopingRule.

Scoping Rules Apply Only to SOQL, Reports, and List Views (salesforce.com)

Sharing and Sharing Hierarchy Help documentation now includes the full list of supported objects so you can easily determine whether a specific object is supported.

Where: This change applies to Lightning Experience in Professional, Enterprise, Performance, Unlimited, and Developer Editions.

How: In Lightning Experience, both sharing and the Sharing Hierarchy action are available for custom objects and these standard objects.

• Account
• Action Plan
• Action Plan Template
• Appointment Invitation
• Appointment Bundle Configuration
• Appointment Bundle Policy Service Territories
• Asset
• Campaign
• Case
• Contact
• Engagement Interaction
• Expense
• Expense Report
• Job Profile
• Lead
• Maintenance Plan
• Maintenance Work Rule
• Opportunity
• Product Item
• Product Request
• Product Service Campaign
• Product Transfer
• Recordset Filter Criteria
• Return Order
• Serialized Product
• Service Appointment
• Service Contract
• Service Crew
• Service Resource
• Service Territory
• Shift
• Shift Pattern
• Survey
• Survey Invitation
• Time Sheet
• Travel Mode
• Video Call
• Warranty Term
• Work Order
• Work Plan
• Work Plan Selection Rule
• Work Plan Template
• Work Step Template
• Work Type
• Work Type Group

Discover the 45 New Objects Related to Sharing and Sharing Hierarchy Actions (salesforce.com)

Configure a restriction or scoping rule to use a comma-separated list of IDs or values in the record criteria.

Where: Restriction rules are available in Lightning Experience in Enterprise, Performance, Unlimited, and Developer editions. Scoping rules are available in Lightning Experience in Performance, Unlimited, and Developer editions.

How: To create a restriction or scoping rule using more than one value in the record criteria, add a comma as a delimiter to separate the ID or string values. To include a single value that contains a comma, surround the value with double quotes (”).

Allow Multiple Values in Restriction or Scoping Rule Record Criteria (salesforce.com)

Now you can use scoping rules on supported objects without contacting Salesforce.

Where: This change applies to Lightning Experience in Performance, Unlimited, and Developer editions. Scoping rules are included in Developer editions created after April 2022.

Who: Beginning in Winter ’23, admins can use scoping rules on supported objects without Signature Success or Program Architect.

How: To create a scoping rule, navigate to Object Manager in Setup. Select a supported standard or custom object that you want to add a scoping rule for. Click Scoping Rules. You can also create and modify scoping rules using Tooling or Metadata API.

Try Scoping Rules in Performance and Unlimited Editions (salesforce.com)

Enable Enhanced Personal Information Management to prevent external users, such as portal or community users, from accessing other users’ personal information. This feature, which replaces the Hide Personal Information setting, secures more personal identifiable information (PII) user record fields. You can also decide which custom and standard user fields are considered PII. This update was first available in Spring ’22 and was scheduled to be enforced in Winter ’23, but we postponed the enforcement date to Spring ’23.

Where: This change applies to Salesforce Classic (not available in all orgs) and Lightning Experience in Enterprise, Performance, Unlimited, and Developer editions.

When: This update was first available in Spring ’22 and was scheduled to be enforced in Winter ’23, but we postponed the enforcement date to Spring ’23. To get the major release upgrade date for your instance, go to Trust Status, search for your instance, and click the maintenance tab.

How: From Setup, in the Quick Find box, enter User Management Settings, and then select User Management Settings. If Hide Personal Information is enabled, deselect it. Enable Enhanced Personal Information Management. To customize the user fields that are concealed, add them to a field set.

To review this update, from Setup, in the Quick Find box, enter Release Updates, and then select Release Updates. For Enable Stronger Protection for Your Users’ Personal Information, follow the testing and activation steps.

Enable Stronger Protection for Your Users’ Personal Information (Release Update) (salesforce.com)

Enhanced Personal Information Management is enforced, replacing Hide Personal Information in User Management Settings. Use scoping rules so that your users can focus on the records that are relevant to them. Give your users access to records via scoping or restriction rules by using comma-separated values in the rule’s record criteria.

• Enable Stronger Protection for Your Users’ Personal Information (Release Update)
  Enable Enhanced Personal Information Management to prevent external users, such as portal or community users, from accessing other users’ personal information. This feature, which replaces the Hide Personal Information setting, secures more personal identifiable information (PII) user record fields. You can also decide which custom and standard user fields are considered PII. This update was first available in Spring ’22 and was scheduled to be enforced in Winter ’23, but we postponed the enforcement date to Spring ’23.
• Try Scoping Rules in Performance and Unlimited Editions
  Now you can use scoping rules on supported objects without contacting Salesforce.
• Allow Multiple Values in Restriction or Scoping Rule Record Criteria
  Configure a restriction or scoping rule to use a comma-separated list of IDs or values in the record criteria.
• Discover the 45 New Objects Related to Sharing and Sharing Hierarchy Actions
  Sharing and Sharing Hierarchy Help documentation now includes the full list of supported objects so you can easily determine whether a specific object is supported.
• Scoping Rules Apply Only to SOQL, Reports, and List Views
  Instead of seeing scoped results in searches, lookups, activity timeline, and SOSL, now your users must apply scoping rules to filter records in reports, list views, and SOQL.

Sharing (salesforce.com)

Now when you create a field on an object, you can follow best practices and set field-level security for a field on permission sets instead of profiles. And rather than manually granting access to a field in each permission set, you can set field-level security on permission sets during field creation. This feature is also available when you set field-level security on a field or change the field type on a field.

Where: This change applies to Lightning Experience and Salesforce Classic in all editions.

How: Enable Field-Level Security for Permission Sets During Field Creation (beta) in User Management Settings. Then create an object, set field-level security on a field, or change the field type on a field. When you can assign field-level security, a list of permission sets appears instead of profiles. The list includes permission sets that have Create, Read, Edit, or Delete access on the field’s object. If no permission sets have that access on the field’s object, the list contains all the permission sets. If you must assign field-level security to profiles, turn off Field-Level Security for Permission Sets During Field Creation (beta) in User Management Settings. View Field Accessibility isn’t currently updated by this feature.

Set Field-Level Security for a Field on Permission Sets Instead of Profiles During Field Creation (Beta) (salesforce.com)

Analyze and report on permission assignments with the User Access and Permissions Assistant. Manage your permission set groups easily, and convert to permission sets that you can assign. Previously, this feature was known as Permissions Helper.

Where: This change applies to Lightning Experience and Salesforce Classic in all editions.

How: To use this feature, download the app from AppExchange. Complete the tasks to enable the Tooling API for the app. And then create and assign permission sets for users who must access the app.

Manage Your Permission Assignments with the User Access and Permissions Assistant (salesforce.com)

With this update enabled, you can assign an expiration date to each permission set or permission set group. Permission set and permission set group assignments also use a new Lightning Experience interface and an improved workflow. Users can be assigned to permission sets or permission set groups with or without an expiration date. When a permission set or permission set group has an expiration date, users can lose access to functionality after the expiration date. By default, permission set and permission set group assignments don’t expire. This update was first available in Summer ’22 and is enforced in Winter ’23.

Where: This change applies to Lightning Experience and Salesforce Classic in all editions.

When: Salesforce enforces this update in Winter ’23. To get the major release upgrade date for your instance, go to Trust Status, search for your instance, and click the maintenance tab.

How: To review this update, from Setup, in the Quick Find box, enter Release Updates, and then select Release Updates. For Enable Permission Set & Permission Set Group Assignments with Expiration Dates, follow the testing and activation steps.

Enable Permission Set Expiration and Enhanced UI (Release Update) (salesforce.com)

A setting for creating permission set and permission set group assignments with expiration dates is available via an enforced release update. Convert profiles to permission set groups with the User Access and Permissions Assistant. Also, analyze and report on permission assignments and easily manage your permission set groups.

• Enable Permission Set Expiration and Enhanced UI (Release Update)
  With this update enabled, you can assign an expiration date to each permission set or permission set group. Permission set and permission set group assignments also use a new Lightning Experience interface and an improved workflow. Users can be assigned to permission sets or permission set groups with or without an expiration date. When a permission set or permission set group has an expiration date, users can lose access to functionality after the expiration date. By default, permission set and permission set group assignments don’t expire. This update was first available in Summer ’22 and is enforced in Winter ’23.
• Manage Your Permission Assignments with the User Access and Permissions Assistant
  Analyze and report on permission assignments with the User Access and Permissions Assistant. Manage your permission set groups easily, and convert to permission sets that you can assign. Previously, this feature was known as Permissions Helper.
• Set Field-Level Security for a Field on Permission Sets Instead of Profiles During Field Creation (Beta)
  Now when you create a field on an object, you can follow best practices and set field-level security for a field on permission sets instead of profiles. And rather than manually granting access to a field in each permission set, you can set field-level security on permission sets during field creation. This feature is also available when you set field-level security on a field or change the field type on a field.

Permissions (salesforce.com)