You can create data filters on fields in a business entity and assign user roles to those filters. Based on the value in the field within a record, the user might or might not be able to see the entire record. You can also create filters on nodes to determine whether a user should have access to the parent record when the node is empty.
This feature is similar to data security filters for subject areas, however data filters for business entities are case insensitive.