Security filters that manage user access to data based on user identification and other data when a user attempts to access information via a query or other mechanisms. Security filters may be implemented to prevent users from viewing or otherwise accessing certain data in a database or other source of information in a reporting or other system. The level of access authorized by a security filter may be based on a user's role, capabilities, or other criteria. For example, a regional manager may have a security filter that allows a user to view data from the user's particular region regardless of the report the user runs. A security filter may include a filter expression, a top level and a bottom level where each component may be further define a user's ability to access certain data.