Encryption fields fail to display on form even though your user has the encrypted context role assigned to them.
This is usually caused due to data being encrypted with a different encryption context than the one expected.
To determine what encryption context was used to encrypt the data in a record please do the following:
1) Get the sys_id of one of the affected records
2) Go to scripts - background module and run the following script:
var gr = new GlideRecord('affected_table_name'); // name of the table where the record lives
gr.get('sys_id_of_record') // place the sys_id of the record acquired from step 1.
gs.print(gr.encrypted_text_column_name) //Print the value where the encrypted column is on
Your result should be similiar to the following:
56715c0aff1331007a6dffffffffff54:qvA0A3zPArVzfyllV8TdjsQyqs9L7otRvgX6id4mVrB6gNfKz/LEgHP+q7TKgwScSSIdqaCTbGph 1GMLOfAuQAOdzYvN9JLM1+WpJ1DsuIrd8v4t6h9zFRQxXsosZErHkgrlC+tkdYzibhNr/wvPFav1 4gSDD4tReHyk1SjgsGQZaY0uc4udxJLjWOuuIcYMSZr0BBvh0NIewGpobMrUPmUCIlieGpnHk8Oe lckCfLWl/dS6wz2rbXRgOxX8EWS1Q0WzXJ72Px4LB5sfl8p75N5kGXtsHGlHdkbjUGbJ5DhC5mrv OOCr5TdCXMCjCDQJ/cO0tBhWtjjJ5pB99S0pUCgSFQZZg+buHr2ZHk6ZPmGBqiKovUf0By9Yq6Uj xmEm67CDIBFaCtPpWoYlXCgSOhLPSoHoceojLYnhGqvMsiRt6U1AOHLjTKLNBGzJjVpUsJQcFCW9 88Po1sg1ThA8n3nMyYbPuoh7UCO00C2+ulO61Ga9B5/Yd51PqjiHYeQO29skhvNVMlbes6eYLR3m OkXOnAAdbdR/7HCBwd6YcN3CUCrc3YF10XJpHMfs6AdivzzgxNXfh9/v0Ia5Dqzr1Ok4AZBsOVW+ C4F3SkWlc1Mtqi2JUGHFxYEjU8Sfpv00TMd0ZuAb6lZT8dysca/XfMZII/2b8y0t9/32w45p9eAk
3) The first part just before the colon (:) character is a sys_id. This sys_id belongs to the encrypted context record in your environment. Copy this sys_id.
4) Go to the encrypted context table and match this sys_id to one of your existing encryption context
5) Usually we find here that the encrypted context used to encrypt the data was one that we did not expect to be used. This is common when users have multiple encrypted context assigned, or when performing mass updates.
For more information, please review the encrypted context documentation for set-up and configuration: