Email?based accommodations exposed medical details; ServiceNow HR case workflow segregated data and de?identified tasks

Overview

A tech firm handled disability and religious accommodation requests through email threads and shared folders, which caused delays, inconsistent decisions, and privacy exposure. Managers were copied on messages that included medical details, approvals lived in chat, and audit preparation meant chasing attachments. Intelligex implemented a confidential accommodation workflow in ServiceNow Human Resources Service Delivery (HRSD) with HIPAA?aware fields, role?based access, and Legal sign?off for escalations. Medical information was segregated from business details, tasks to managers and fulfillment teams were de?identified, and the interactive process followed a documented path. Responses became timely, documentation stayed confined to approved roles, and the organization could demonstrate compliance without searching inboxes—while ServiceNow, the HRIS, and the identity provider remained in place.

Client Profile

• Industry: Technology (product engineering, go?to?market, and corporate functions)
• Company size (range): Multi?region workforce with hybrid and remote roles
• Stage: ServiceNow used for HR cases; accommodation intake via email and shared inbox; medical files in personal drives; ad hoc approvals by managers; unclear timelines and ownership
• Department owner: Human Resources & People Ops (Employee Relations/HR Operations)
• Other stakeholders: Legal/Compliance, Privacy, Security, IT/Identity, Facilities/Workplace, Procurement, Occupational Health, People Managers, DEI, Internal Audit

The Challenge

Accommodation requests arrived through emails to HR and managers, with attachments ranging from doctor’s notes to ergonomic assessments. Some requests stalled because ownership was unclear, others moved quickly but without the right reviews. Managers were often included on the original email and saw medical details they did not need, while HR struggled to keep the interactive process moving across time zones and functions. When requests involved equipment or software, Facilities and IT received vague instructions without context about duration or scope.

Documentation was scattered. The same case could contain chat messages, PDFs in personal drives, and decisions summarized in a spreadsheet. There was no consistent way to track deadlines, verify that the right parties were consulted, or ensure Legal approval for denials or undue hardship determinations. Privacy risks accumulated as sensitive files were forwarded, and employees had no predictable timeline or status view.

Compliance pressure added friction. Guidance under the Americans with Disabilities Act (ADA) expects an interactive process and individualized assessment, while handling any medical information requires care under the organization’s privacy practices and, where applicable, the HIPAA Privacy Rule. Without a confidential case path and role?based guardrails, people erred on the side of sharing too much or not enough.

Why It Was Happening

The firm lacked a dedicated, confidential workflow for accommodations. ServiceNow managed general HR cases, but accommodation intake and decisions lived outside it, so approvals and sensitive files were captured informally. Email became the coordination tool because it was familiar, yet it offered no structure for deadlines, reviewer roles, or privacy boundaries.

Medical and business data were intermingled. Physician letters and diagnoses sat alongside manager notes about essential job functions and possible modifications. Access depended on who was copied on a thread, not on policy. Without a governed model that separated medical details from the operational aspects of an accommodation—and without standard templates and gates—time slipped and documentation varied by handler.

The Solution

Intelligex implemented a confidential accommodation workflow inside ServiceNow HR Service Delivery that encoded the interactive process, enforced role?based access, and segregated medical details from business data. Employees initiated requests through a private intake form with clear guidance on what to share. Medical documentation flowed into a restricted sub?record, visible only to the designated HR accommodations team and, when appropriate, Occupational Health. Managers received de?identified summaries focused on functional limitations and potential accommodations. Legal approvals were required for denials, undue hardship, and sensitive scenarios. The workflow aligned to public guidance on reasonable accommodation under the ADA (EEOC) and handled protected health information in line with the HIPAA Privacy Rule where applicable (HHS HIPAA Privacy). ServiceNow remained the platform, extended with confidential case types and approvals (ServiceNow).

• Integrations: ServiceNow HRSD for confidential case types and tasks; HRIS for employee, manager, and job data; identity provider for single sign?on and role mapping; Facilities and IT ticketing for fulfillment tasks; secure document storage for medical files.
• Confidential intake: Private form with guidance on minimal necessary information; separate channels for disability, religious, and pregnancy?related accommodations; upload controls with restricted routing for medical documentation.
• Segregated records: Medical sub?record with restricted access; business record with functional limitations, essential job functions, and agreed accommodations; cross?links tracked with audit logs.
• Interactive process workflow: Standard steps for assessment, manager consultation, and proposed accommodations; configurable timelines and reminders; templates for employee and manager communications.
• Approvals and gates: Legal checkpoint for denials, undue hardship, and sensitive cases; maker?checker for exceptions; reason codes captured with decisions; de?identified tasks for Facilities and IT.
• Privacy controls: Redaction for sensitive fields in outbound communications; role?based views; minimal PHI exposed to non?medical reviewers; retention and legal hold by case type.
• Dashboards and evidence: Case volume, cycle time, pending reviews, and aging tasks; audit exports containing intake, communications, decisions, and approvals without exposing medical documents beyond allowed roles.

Implementation

• Discovery: Mapped current request paths, decision criteria, and common accommodations; reviewed email threads and shared folders to understand privacy risks; cataloged stakeholders and approval points; gathered Legal and Privacy requirements; identified Facilities and IT fulfillment patterns.
• Design: Defined confidential case types and access matrices; authored intake forms and communication templates; separated data models for medical and business records; set decision gates and Legal checkpoints; planned de?identified tasks for Facilities and IT; designed dashboards and audit exports; set retention policies and legal hold behavior.
• Build: Configured ServiceNow HRSD with confidential cases, roles, and workflows; implemented secure document handling and restricted sub?records; wired integrations to HRIS, identity, and fulfillment queues; added reminders, timelines, and escalation paths; enabled logging, redaction, and evidence capture.
• Testing/QA: Piloted with the accommodations team using sanitized cases; validated role?based access and segregation of medical vs business records; exercised Legal approval paths and denial scenarios; tested de?identified tasks to Facilities and IT; tuned templates and timelines based on feedback.
• Rollout: Launched the confidential intake to employees and HR partners; migrated active email?based requests into cases; kept the shared inbox as a monitored fallback during transition; tightened permissions as adoption stabilized and legacy paths were deprecated.
• Training/hand?off: Delivered guides for HR accommodations reviewers, managers, Facilities, and IT on roles, privacy, and task handling; briefed Legal on approval steps and evidence exports; updated SOPs for intake, decision, and fulfillment; transferred ownership of templates, gates, and dashboards to HR Operations under change control.
• Human?in?the?loop review: Established regular reviews with HR, Legal, and Privacy to examine denials, exception patterns, and timeline adherence; recorded decisions with rationale; improved templates, access rules, and gates iteratively.

Results

Requests followed a clear, confidential path from intake to decision. Employees saw predictable updates, managers received only the information necessary to evaluate accommodations, and Legal weighed in at defined steps rather than after the fact. Facilities and IT fulfilled de?identified tasks that specified what to provide and for how long, without exposure to medical details.

Documentation became consistent and defensible. Each case carried intake details, communications, decisions, and approvals in one place, with medical records confined to restricted sub?records. Audit preparation and leadership reviews drew from dashboards and evidence exports, not from email threads. ServiceNow, the HRIS, and the identity provider stayed in place; the new layer standardized the interactive process and enforced privacy by default.

What Changed for the Team

• Before: Requests lived in email with broad visibility. After: A confidential intake and workflow kept access limited to defined roles.
• Before: Medical and business details were intermingled. After: Medical documentation was segregated from functional and operational details.
• Before: Decisions and denials lacked a clear trail. After: Legal checkpoints and reason codes were captured in the case.
• Before: Facilities and IT received vague instructions. After: De?identified tasks specified scope, duration, and fulfillment details.
• Before: Timelines drifted and reminders were manual. After: Standard steps, reminders, and escalations kept the process moving.
• Before: Audits meant chasing attachments. After: Evidence exports pulled the record without overexposing sensitive files.

Key Takeaways

• Separate medical from business data; design the record so only the right roles can see sensitive details.
• Encode the interactive process; use standard steps, timelines, and templates to drive consistency.
• Gate high?risk decisions; require Legal approval for denials and undue hardship determinations.
• De?identify fulfillment; send Facilities and IT the what and how long, not the why.
• Make privacy the default; restrict access, redact outbound communications, and apply retention by case type.
• Integrate, don’t replace; extend ServiceNow and existing tools with confidential case types, not new silos.

FAQ

What tools did this integrate with? The workflow ran in ServiceNow HR Service Delivery (ServiceNow) with confidential case types and approvals. It pulled employee and manager context from the HRIS, used the enterprise identity provider for single sign?on and role mapping, and created de?identified tasks in Facilities and IT queues. Privacy handling aligned to the HIPAA Privacy Rule where applicable (HHS HIPAA Privacy) and to ADA accommodation guidance (EEOC).

How did you handle quality control and governance? Intake templates, communication wording, approval matrices, and access rules lived under change control with HR, Legal, and Privacy as owners. Maker?checker approvals applied to denials and exceptions. Every action—intake, file upload, decision, approval, and export—was logged with timestamps and actors. Periodic reviews examined exception patterns and timeline adherence and recorded rationale for any rule changes.

How did you roll this out without disruption? The confidential intake launched alongside the existing shared inbox, which remained monitored as a fallback. Active email?based requests were migrated into cases. Early cohorts included HR accommodations reviewers and select managers, followed by broad rollout after templates and timelines were tuned. Clear communications and quick guides helped employees submit requests through the new path.

How did you protect medical information and privacy? Medical documentation landed in a restricted sub?record, accessible only to designated roles. Outbound communications redacted sensitive fields, and tasks to managers, Facilities, and IT contained only functional limitations and fulfillment details. Encryption protected data at rest and in transit, retention applied by case type, and legal holds could be set at the case level. All access and exports were logged.

How did managers participate without seeing PHI? Managers received a de?identified summary describing essential functions, functional limitations, and proposed accommodations. They provided input on feasibility and alternatives without access to diagnoses or medical notes. Decisions and timelines were shared through role?appropriate views and communications.

Can the workflow support different accommodation types? Yes. Separate intake paths and templates supported disability, religious, pregnancy?related, and other accommodations. Each path carried its own required fields, templates, and Legal checkpoints while using the same core privacy and access controls.

How were equipment and software requests handled? Once an accommodation was approved, de?identified tasks routed to Facilities and IT with scope, specifications, and duration. Procurement steps and shipping details were tracked in the case, with reminders for renewal or return when the accommodation was temporary.