Confidential Data in Tickets
Confidential Data Field
Any relevant confidential data necessary for incident troubleshooting should be entered in the Confidental Data field on the incident form. The Confidential Data field and the information it contains is only visible to members of the Assignment Group the incident is assigned to at any given time.
Data entered in the Confidential Data field is not retained in the incident's Work Log or anywhere else in ServiceNow. If the information is overwritten or deleted at any point during the ticketing process, it cannot be recovered. Once an incident is Closed, any information remaining in the Confidential Data field will no longer be accessible to any users.
Please note that the Confidential Data field is not available when an incident is in New state. Once the incident is saved in any other state, the Confidential Data field will become visible. One caveat: if you directly assign a new incident to an assignment group you do not belong to, you will not see a Confidential Data field upon escalating the incident, due to the security constraints outlined above.
If you need to assign a new ticket with Confidential Data, place the ticket in Work in Progress and Save to create the Confidential Data field. Enter relevant confidential data, change ticket state to Assigned, and assign to the appropriate group/individual before saving again.
Information entered in the Confidential Data field will never be transmitted via email notifications.
It is also possible to mark an entire incident ticket as private. Private ticket content is only visible to members of the current Assignment Group for that ticket. The Private option is located on the Incident Classification tab of the incident form.
A ticket can be marked private from any state.
Information logged in the Additional Comments or Work Notes field of a private incident ticket will be retained in the ticket history. Use the Confidential Data field for any information that should not be retained.
Disabling Notifications on Private Incidents
Content entered in the Confidential Data section of an Incident will never be sent in a notification. However, if you want to turn off notifications to Requested By/For users completely for a ticket with confidential data or a private incident, follow the instructions for Disabling Incident Notifications.
Reporting and Requesting Removal of Confidential Data
Occasionally customers will submit confidential data when they create a ticket via email intake or using the Self Service form. Since this information is logged in the Additional Comments field of the ticket, it is retained in the ticket history, creating a security risk.
If this occurs, use the Private checkbox to mark the ticket as private and limit visibility to users within your assignment group. Mark the ticket as Resolved and open a new ticket if the customer requires continued assistance, transferring the relevant, non-secure information to the new ticket.
Next, report the confidential information and request removal.
To request removal of confidential data from a ticket, submit an incident to the ServiceNow team with the following information:
Short Description: Redact Confidential Data
Confidential Data: Ticket number, data to be redacted (Note ticket cannot be in New state to view/edit the Confidential Data field)
Work Notes: Please redact confidential data listed within the confidential data field of this incident.
Incident Classification: Affected CI: ServiceNow | Category: Applications | Subcategory: Security or Error Message Isdue | Impact: 3 | Urgency: 3
Assignment Group: ITS-Apps-ServiceNow
Service Desk staff: there is an incident template for redacting confidential data available to you in ServiceNow. To apply it, open a new incident, right click on the incident header, hover over Templates, and select Redact Confidential Data.