Data protection

Release version: Australia

Updated March 20, 2026

2 minutes to read

Summarize

Summarized using AI

Summary of Data Protection

ServiceNow provides comprehensive security tools within its platform to protect your data, including the Key Management Framework, Field Encryption, Data Classification, and Now Assist. These tools ensure your data is secure during transit, storage, and processing, especially when leveraging AI capabilities. Now Assist incorporates controls to manage personally identifiable information (PII), govern data sharing decisions, and discover and protect sensitive data throughout your instance.

Show full answer Show less

Data Transit, Storage, and Privacy Controls

User Data Usage Policy: Understand how Now Assist transmits, processes, and safeguards your data, with options to mask sensitive data and control sharing for AI model improvements.
Configuring Data Privacy: De-identify PII before data reaches large language models by specifying data types and applying anonymization rules.
Privacy Policies: Set policies to anonymize sensitive information during AI processing to enhance data privacy.
Data Steward Role: Assign a data steward responsible for data sharing decisions related to Now Assist on your instance.
Opt-Out Capability: Choose to opt out of data sharing with ServiceNow for AI model improvements via the Admin console Settings page.

Sensitive Data Discovery and Classification

Key Management Framework: Create and manage encryption keys controlling access to sensitive data, including keys used by AI agents and workflows.
Field Encryption: Encrypt individual fields to protect sensitive data at rest, ensuring only authorized AI agents with permissions can access encrypted fields.
Data Classification: Apply classification labels to identify and understand sensitive content, helping to determine appropriate protection controls.

Now Assist for Vault Capabilities

Generative AI Skills: Use AI to generate custom data patterns, verify role access for encrypted columns, and schedule data discovery jobs.
Data Discovery Jobs: Schedule one-time or recurring scans to detect sensitive data such as PII or PHI in inputs to language models.
Role Access Checks: Identify user roles with encryption and decryption key access to monitor encryption access posture.
Custom Data Patterns: Create custom regular expression data patterns from plain language descriptions to enhance sensitive data detection.

Now Assist Data Kit

Scan datasets to identify sensitive data including PII and cleanse this data before it is used in AI evaluations, ensuring data privacy and compliance.

Learn how ServiceNow security tools such as the Key Management Framework, Field Encryption, and Data Classification work to keep your data secure.

Now Assist keeps your data secure throughout the AI lifecycle. Additional controls let you manage how personally identifiable information (PII) is handled, who can make data sharing decisions, and how sensitive data is discovered and protected across your instance.

Data transit, storage, and privacy controls

The following topics, all in Now Assist Admin, describe how Now Assist handles your data and how to configure privacy controls for your instance.

User data usage policy for Now Assist: Understand how Now Assist transmits, processes, and protects your data, including options to mask sensitive data and control data sharing for model improvements.
Configuring Data Privacy for Now Assist: Configure how PII is de-identified before it reaches the large language model, including which data types are caught and how anonymization rules are applied.
Configure Now Assist privacy policies: Set up privacy policies to control how sensitive information is anonymized during AI processing.
Assign the data steward role: Assign a data steward, the role responsible for making data sharing decisions for Now Assist on your instance.
Opt out of data sharing for Now Assist: Opt your instance out of data sharing with ServiceNow for AI model improvements from the Admin console Settings page.

Sensitive data discovery and classification

The following topics describe how to use Now Assist for Vault and Now Assist Data Kit to discover, classify, and protect sensitive data on your instance.

Key Management Framework: Use the Key Management Framework to create and manage encryption keys that control access to sensitive data on your instance, including keys used by AI agents and agentic workflows.
Field Encryption: Encrypt individual fields on your instance to protect sensitive data at rest, ensuring that AI agents can only access encrypted fields when they have the appropriate permissions.
Data classification: Define and apply data classification labels to identify sensitive content across your instance, helping you understand what data your AI agents can access and where protection controls are needed.
Now Assist for Vault: Learn about the generative AI skills available in Now Assist for Vault for generating custom data patterns, checking role access for encrypted columns, and scheduling data discovery jobs.
Schedule a Data Discovery job with Now Assist for Vault: Schedule one-time or recurring Data Discovery jobs to detect sensitive data such as PII or PHI that may be present in inputs to the LLM.
Check role access for an encrypted column with Now Assist for Vault: Identify which user roles have access to encryption and decryption keys in your instance to monitor your encryption access posture.
Generate a custom data pattern by using Now Assist for Vault: Create a custom regular expression data pattern from a plain-language description and add it as an active data pattern on your instance.
Find and cleanse sensitive data: Now Assist Data Kit: Scan your datasets for sensitive data including PII, and cleanse identified data before it is used in AI evaluations.