Tickets need private fields, so that users can provide sensitive details like passwords, payment transaction details, etc. These private fields should be protected against unauthorized access and hacking. Here is how this can be done: Encrypt the contents of these fields instead of storing in plain text. Delete the content of these fields after X days. Moderator permission to access private fields.