Identify potentially exposed users

Washington DC Employee Service Management

Release

washingtondc

ft:locale

en-US

ft:publication_title

Washington DC Employee Service Management

ft:clusterId

emplsm

bundleId

emplsm

workflow

Employee

Identify potentially exposed users

Release version: Washingtondc

Updated February 1, 2024

7 minutes to read

When a user has indicated a health condition on a self-report, use Emergency Exposure Management to identify other users who might have come in contact with the affected user. You can analyze multiple data sources, such as location, meetings, workspace reservations, badge scans, and Wi-Fi access data of the affected user to identify potentially exposed users.

Before you begin

To query through multiple data sources, the Emergency Exposure Management requires the following applications, plugins, and configurations available on your instance.

Microsoft Office 365: Register and configure to scan Microsoft Outlook meeting data.
Contact Tracing: Badge reader scan, user daily contact log, Wi-Fi access log, handheld or wearable device proximity data, and visitor data.
Employee Health Screening and Contact Tracing: Scans visitor data.
Field Service Management (com.snc.work_management): Scans field service task data.

Important:

If you are an on-premise customer with Microsoft Office 365 and you need assistance in configuring Emergency Exposure Management, contact your sales representative or contact Customer Service and Support at https://support.servicenow.com/now?draw=case.

Role required: sn_imt_diagnosis.diagnostics_admin or admin

About this task

Note:

You cannot create or run a diagnostic request for affected users who have not consented to use their data for contact tracing. For more information, see User privacy consent for Contact Tracing.

Procedure

Navigate to All > Emergency Exposure Management > Create New.
The Report generation status field is set to Not Initiated and the Active check box is selected.
From the Affected user field, select the user's name.

Click the lock icon (

) in the Tracing system field and select one or more tracing system options to query corresponding data sources.

You can select multiple sources together for better identification of potentially impacted users.


Tracing system (Required application/plugin)	Query
Location	Users co-located with the affected user, for example, on the same floor or building.
Outlook meetings ( Microsoft Office 365)	Users who accepted the same meetings as the affected user during the specified time period.
Workplace reservations ( Workplace Core)	Users who had reservations for the same shifts as the affected user during the specified time period.
Badge reader ( Contact Tracing)	Users who swiped their badge on the same badge reader devices as the affected user, during the specified time period.
Employee daily log ( Contact Tracing)	The list of users with whom the affected users interacted during the specified time period.
Visitor log ( Contact Tracing and Employee Health Screening)	The list of visitors who interacted with the affected user during the specified time period. Visitors who are invited by the affected user and have been screened through and let in are queried.
Wi-Fi access log ( Contact Tracing)	Users who used the same Wi-Fi access points as the affected user during the specified dates. Wi-Fi access log data used to identify potentially impacted users depends on the Wi-Fi location preferences and the available integrations. For more information, see Retrieving Wi-Fi access log data. Note: Data received via a real-time API will be for a period based on the data retention policy of your Wi-Fi service provider.
Handheld/Wearables ( Contact Tracing)	Users using handheld or wearable devices in the close proximity with the affected user for more than the permissible time during the specified time period.
Kinexon SafeZone ( Contact Tracing)	Users who with KINEXON wearables who were in close proximity with other KINEXON users during the specified dates. Data acquired from the KINEXON SafeZone API. Requires an active KINEXON integration. For more information, see Configure KINEXON integration. Note: Users who are required to agree to a privacy consent but have not done so are excluded even if they are potentially exposed contacts.
Field service ( Field Service Management)	Customers attended by an affected field agent during the specified time period. Also queries other field agents who interacted with the affected agent or visited the same customer as the affected agent during the specified time period.

When required for a selected tracing system, provide the start and end dates.
1. In the Start date field, provide the estimated date of infection.
  Because the infection window that you're concerned about may vary, pick a start date such as 14 days prior to the date of reported symptoms.
2. In the End date field, provide the date of reported symptoms, at least one day prior to today.
Click Save.
Related lists appear that are filled in after you run a diagnostics report.
Click Run Diagnostics.
A scheduled job fetches potentially impacted user data from the selected sources and loads the data in corresponding related lists. Refresh a list to see the potentially impacted users immediately.
If you selected the Handheld/Wearables option, a diagnostic request task is created. Follow the instructions in the task to fetch the potentially exposed users.
If you selected the Wi-Fi access log option, the Wi-Fi data queried is based on the location preference set for the affected user's location. The available options are:
- Mist Systems integration: The Wi-Fi data is fetched from Mist Systems when you run the diagnostic request.
  If the site network is Bluetooth LE-enabled and the organization has provided users with a BLE device, the Wi-Fi access using the BLE devices is used to identify potentially exposed users.
- Cisco DNA Spaces integration: The Wi-Fi data is available based on the Cisco tier value set in the sn_imt_tracing.wifi_log_cisco_tier property:
  - If the wifi_log_report value is set, the data is imported from the Wi-Fi access data files for the specified days from the SFTP server and queried by the location path to identify potentially exposed users.
  - If the proximity_report value is set, a diagnostic request task is created to fetch the potentially exposed users. Follow the instructions in the task to fetch data on potentially impacted users from the selected data source. For more information, see Fetch potentially exposed user data from a data source.
- Manual import: The Wi-Fi data is imported from a Microsoft Excel spreadsheet into the Wi-Fi Access Register table.
Optional: Add manually the potentially affected users, for example, users who visited a location with an affected user.
1. In the Impacted users added manually list, click New.
2. Select the potentially affected user.
3. Optional: Add comments about why you added the user.
  Entering comments helps identify other users who might be potentially impacted by this user if this user starts to show symptoms.
4. Click Submit.
The user appears in the Impacted users added manually related list.

Result

The related lists display potentially impacted users. The Impacted visitors, Impacted customers, and Impacted field agents related lists appear only if relevant users exist.

Note:

Users who have not consented to use their data are filtered out from the list of potentially impacted users. However, you can add them to the potentially impacted users list manually.


Related list	Description
All Impacted users	All users who might have been potentially exposed. This list is a combination of all the records in the other related lists. Under the Tracing system column, you can see the source of the exposure for an user.
Impacted users added manually	This list is empty unless a user with the sn_imt_diagnosis.diagnostics_admin role manually adds additional potentially impacted users.
Impacted visitors	Visitors invited by the affected user who cleared the health screening and interacted with the affected user during the specified time period.
Impacted customers	Customers added from the field service work order analysis. Potentially impacted customers are determined by the work orders attended by an affected field agent between the specified dates.
Impacted field agents	Field agents added from the field service work order analysis. Potentially impacted field agents are determined if they interacted with an affected agent or visited the same customer as the affected agent between the specified dates.

If the diagnostics fail to run, click the Show related jobs link to check the status of all jobs that have been launched. You can view the details, including the log message, to determine the reason of failure.

Note:

Failed jobs are automatically retried three times, the default setting in the Emergency Exposure Management properties. To retry the job after you fix the issue, click Reprocess.

What to do next

Depending on the applications and plugins installed, you can take the following actions:

Click Download Report to download a spreadsheet listing all affected users. The report includes the email address and location of each user, and the source of identification, such as location, workplace reservation, collaboration, badge reader data, or field service work orders. For manually added users, the comment is included.
Click Download Visitor Report to download a spreadsheet listing all potentially exposed visitors who met the affected user. The report includes the email address and name of each visitor.
Note:
The button is available only when you have selected the Visitor log tracing system.
The case manager can create a case for the affected user and add potentially impacted users from the related list to the case to follow up on their health status. For more information, see Create a case for an affected employee.
The manager of the affected field agents can take further actions such as blocking their future work order assignments. For more information, see Emergency Exposure Management for field service agents .