
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 08:09 AM
I am looking to create a HR group where they can handle employee investigations, and other sensitive information. However, I don't want other ITIL users (ex. service desk) to view these requests. I ideally, I want only HR staff and Admins to be able to look at these requests. All other group should get access denied. I am a beginner developer, so I am not a coding wizard. Any thoughts on how I should go about this?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 01:17 PM
Hi @Andrew Meza ,
Look at the data filtration rule plugin from ServiceNow. This will mask the table records based on defined filtration rules.
If my answer has helped with your question, please mark my answer as accepted solution and give a thumb up.
Best regards
Anders
If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.
Best regards
Anders
Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 10:03 AM
Hi Andrew,
I ran into the same situation quite a while back. The way that I handled it was by setting up a before query business rule on the incident table. In order to make the functionality more generalized, I also added a field, business, to the assignment group table. That business carries forward into the user record.
The before query rule looks at what business a user is in and will only display incidents that the user created or that are assigned to a group whose business is one that the user has. Admins get to see everything.
This can get a little complicated so please feel free to come back with questions.
:{)
Helpful and Correct tags are appreciated and help others to find information faster

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 12:29 PM
Thank you for the response. Do you think this can be pulled off similar but for REQ, RITM, and scTask?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 12:36 PM
I'll give you a qualified yes. You probably don't need it for sc_request because all that will show you is that someone created a request. It doesn't show you what was requested. We don't assign requested items (sc_req_item) because fulfillment is controlled by a flow (workflow or flow designer) but for sc_task, you certainly can. What you might consider for sc_req_item is to add a field to your sc_cat_item where you identify, using my earlier example, the business associated to that item. WIth the business as part of the catalog item, you have options for doing the lookup and then the rest of the logic should work fine.
:{)
Helpful and Correct tags are appreciated and help others to find information faster
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 01:17 PM
Hi @Andrew Meza ,
Look at the data filtration rule plugin from ServiceNow. This will mask the table records based on defined filtration rules.
If my answer has helped with your question, please mark my answer as accepted solution and give a thumb up.
Best regards
Anders
If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.
Best regards
Anders
Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/