Document access in a legal matter

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Document Access in a Legal Matter

    This feature manages document access within legal matters by uploading documents to an external storage system when enabled on an intake form. Access permissions for documents are controlled dynamically—either in real time, via a scheduled job, or on-demand—ensuring appropriate access based on user roles and legal matter status.

    Show full answer Show less

    Access Control for Various Personas

    Document access is assigned according to user roles and their involvement with the legal matter. Key roles and their permissions include:

    • Requester: Read-only access to documents upon legal matter submission; can delete documents they personally attached.
    • Group Manager: Full read, write, and delete permissions when the legal matter is submitted or promoted.
    • Matter Owner (Assigned to): Full access upon assignment to the legal matter.
    • Collaborators: Full access when added to the collaborators list.
    • Ad hoc Approvers: Read-only access without delete rights during the approval process; access is revoked after approval or rejection.
    • Matter Task Owner: Read-only access to related artifacts and documents when tasks are assigned.
    • Assignment Group Members: Access depends on the assignment group’s configured permissions; updated via scheduled or on-demand jobs.
    • Watch List Users: Read-only access when added to the watch list.
    • Delegates: Read-only access based on delegation duties; access is revoked when delegation expires.

    Key Features and Operations

    • External Storage Integration: Documents linked to legal matters are stored externally for centralized management.
    • Scheduled Permission Sync: The “Process External Storage Permissions” job runs at defined intervals to update and synchronize document access permissions.
    • On-demand Access Requests: Users tied to the matter can request immediate access to documents before scheduled jobs execute.
    • Access Revocation: Legal administrators can revoke user access to documents at any time to maintain security and compliance.
    • Role-based Access Control: Permissions are finely tuned based on specific roles and their relationship to the legal matter, ensuring proper document governance.

    Practical Implications for ServiceNow Customers

    ServiceNow customers managing legal matters can leverage this document access control to:

    • Ensure sensitive legal documents are securely stored and accessed only by authorized users.
    • Maintain compliance by automatically updating permissions through scheduled jobs and on-demand controls.
    • Empower legal teams with transparent and role-appropriate access to documents, improving collaboration and workflow efficiency.
    • Control document lifecycle access, including delegation and approval processes, minimizing risks of unauthorized data exposure.

    Documents attached to legal matters are uploaded to the configured external storage system when the external storage option is enabled on an intake form with All or matter type selected. The access permission of these documents to various personas is controlled in real time, via a scheduled job, or on-demand.

    Document access in legal matters for various personas

    The following table shows the type of access to documents and when it is granted to various personas.
    Table 1. Document access in a legal matter
    Persona Access type Access level When
    Requester, requested for Read only Document Legal matter is submitted
    Group manager Read, Write, Delete Legal matter Legal matter is submitted or promoted from legal request
    Matter owner (Assigned to) Read, Write, Delete Legal matter Legal matter is assigned
    Collaborators Read, Write, Delete Legal matter Added to the Collaborators list
    Ad hoc approvers Read only, No delete Legal matter, artifact, or document based on approval requested Ad hoc approval is initiated
    Matter task owner Read only, No delete Artifact Artifact is associated to a matter task or when a task is assigned to a user
    Matter task owner Read only, No delete Document in artifact associated with the matter task Artifact is associated to a matter task or when a task is assigned to a user
    Members of assignment group Depends on the Assignment group permission field Document Job is run as scheduled, or on-demand
    Watch list users Read only, No delete Legal matter Added to the Watch list
    Delegates Read only, No delete Legal matter, artifact, or document based on duties delegated Resolve platform delegation permissions for legal matter job is run as scheduled, or on-demand
    Delegates through granular delegation Read only, No delete Legal matter, artifact, or document based on duties delegated User is delegated
    The scheduled job Process External Storage Permissions runs at the defined intervals to sync access for all unprocessed permissions on documents for legal matters stored in the external storage.
    Note:
    • Requesters can access documents attached to their legal requests from the Documents tab on the Standard Ticket page.
      Note:
      Requesters can delete only those documents from the request that they've attached.
    • The matter owner assigned to the legal matter can access documents from the Documents tab of the Artifacts record in the Legal Counsel Center.
    • Users added to the matter can request on-demand access to documents if they need access before the scheduled job is run.
    • The legal admin can revoke a user's access to documents of a legal matter and legal requests.
    • Ad hoc approvers lose document access after they approve or reject the requested item.
    • Delegates lose access after the delegation period expires.