One of the key information which needs to be considered in requirement gathering is security with regards to authorization, that is, who will see what kind of data. This information needs to be taken from the business users.
This section should list such requirements and define who should see what kind of data.