Requesting Redaction of Private Data
Personally identifiable information, FERPA, or HIPAA data should not be stored in ServiceNow. In the event that this information is added to a record, please follow the steps below.
Steps to Take
- Follow the steps on KB0034289 - Restricting your Tickets - to ensure the case is restricted until the redaction is complete. Do not continue replying to this case if possible and create a new one without the private information.
- Create a new case titled "Redaction Request: Case #". Please specify the information that needs to be redacted, without duplicating it. For example, "The user included their SSN," instead of including the actual SSN.
- Assign this new case to the ServiceNow team (ITS-SNOW). The admin team will remove the information and close the case. If necessary, the case may be deleted entirely.
- If you are a non-ITS group, you will need to set the Organization field on the case to "IT Services" before you can change the assignment group to "ITS-SNOW." Please refer to KB0034242: Passing Tickets between Organizations for more information.