Environment
ITS Ticketing application in TeamDynamix
Issue
What types of sensitive data should be scrubbed (removed) from TeamDynamix tickets?
Resolution
Sensitive data that should be removed from individual TeamDynamix tickets:
- Credit card numbers and other PCI data
- Passwords
- Social Security Numbers (SSN)
- Last 4 SSN
- Three or more pieces of data in a single ticket that can be used for ID verification. Note that if a ticket contains only one or two pieces of data, it does NOT need to be removed
- Unusual data or circumstances which in a technician's professional judgment entail a larger privacy risk for the individual or for U-M (e.g., a single piece of identity data for an individual likely to be targeted for identity theft)
- CUI, ITAR and FISMA data
How is sensitive data removed from tickets?
Any technician can and should request that TeamDynamix administrators remove sensitive data. The administrators of each TDX application have the ability to remove the data from their applications. To request removal of sensitive data from a ticket in the ITS TIckets application, use this form: Request sensitive data removal. To request removal of sensitive data from other TDX applications, open a ticket in that application and advise to route to TDX admins.
Additional Information
- The Shared Service Center has separate configurations in place to manage SSNs in their TeamDynamix ticketing application
- ITS removes sensitive data from tickets in the ITS ticketing application -- admins for other ticketing applications can remove sensitive data for their tickets
- Some sensitive data is prohibited from being stored in TeamDynamix (PCI, CUI, ITAR/EAR and FISMA -- see the Sensitive Data Guide); the rules on which data should be removed were made in consultation with IA
- The chat transcript is not attached to the TDX ticket; therefore, it is not necessary to request removal of sensitive data from chat transcripts.
Need additional information or assistance? Submit a request here ITS-TeamDynamix Support.