Permission sets are what should be used to allow additional field-level access to individual
employees based on their job duties. Permission sets are a type of metadata that grant additional
access and permissions to users based on their functional or departmental needs. Permission sets
can include field-level security settings that allow read or edit access to specific fields on an object.
Permission sets can be assigned to multiple users, regardless of their profile. Individual profiles are a
type of metadata that define the baseline access and permissions for users based on their license
type and job function. Profiles include field-level security settings that allow read or edit access to
fields on an object. Profiles cannot be assigned to individual users, but to a group of users who share
the same license and job function. Role hierarchy is a type of metadata that define the level of access
and visibility of records for users based on their position in the organization. Role hierarchy allows
users to access records owned by or shared with users below them in the hierarchy. Role hierarchy
does not affect field-level access, but record-level access.