The restricted incident functionality can be used to manage visibility of an incident that contains sensitive information. Do not store personally identifiable information (PII), FERPA, or HIPAA data on the ServiceNow platform.
Who can view a restricted incident
Once an incident has been restricted, only the following users or groups can view it:
- The current assignment group (Assignment Group)
- The current assignee (Assigned To)
- The current Caller
- The user who created the incident (Opened By)
- Any user who is listed in the Watch list
- Any user who is a member of a group listed in the "Restricted group list"
- Any user who is listed in the "Restricted user list"
Automatic Restriction
Assignment Groups that frequently deal with sensitive data may be marked as "Auto Restricted". When an incident is assigned to an Auto Restricted group, the incident will automatically be marked restricted. If you are working an existing incident and are not one of the individuals identified above (Who can view...), reassigning the incident to a restricted group may result in a loss of access to that incident. Add yourself to the Watch List prior to reassignment if you're not already listed in one of the fields identified above. If you are creating a new incident assigned to an Auto Restricted group, your account will be listed in the Opened By field, and you will retain visibility to the incident.
Searching
Some agents are able to perform a global search. If the agent is not included in any of the fields noted above, the agent will not see restricted incidents in the search results.
See also: