The Power-pack add-on has a feature that restricts agents to certain tickets using a SECURITY PROFILE. The admin can use these security profiles to restrict access to the data used in reports as well. However, the restriction only applies to DEPARTMENTS that are specified in the security profile.
To use this feature, first create a security profile that contains a list of departments. You can to this in TICKETS->SECURITY PROFILE.
Then, in the user profile of the AGENT or ADMIN, select the security profile that will be applied to reports:
When this is done, all reports run by the agent will automatically be filtered by the departments specified in the security profile. The list of departments in the Departments filter box will automatically be reduced to only those from the security profile: