Hiding fields from "Personalized Column List"SummaryWe have created a new Confidential field for incidents, which should only be visible to certain groups. Now, we have it configured via a client script. . However, any ITIL user can add the field via the "Personalized List Column" and see the data.ReleaseAllInstructionsA client script is not adequate for field-level security, due to the number of ways that can be bypassed. You'll want to create an ACL to allow read access to this new field for the groups. Create a new ACL with the Type of 'record', Operation = 'read', Name = Incident, and your custom field in the second field that lists the incident table fields. Your Script in the Advanced section will look something like this var user = gs.getUser();answer = user.isMemberOf('sys_id of group 1') || user.isMemberOf('sys_id of group 2');This will restrict read access to only members of these groups. If the field is not readable, then it will not appear on the form, so you shouldn't need your 'setDisplay' client script.