Data Discovery and Mapping
PRIVACY VAULT supports data discovery and mapping using any combination of native functionality as well as 3rd party technologies from partners, and at several levels:
Drill-Down discovery. Also called "metadata-driven" data discovery, is a native PRIVACY VAULT services used to identify and map to personal data schemas (not the actual data content itself) that is collected by legacy and cloud applications and data sources.
This technology is most commonly employed prospectively, to identify, define purposes and to protect access to types of data in new and digitally-transformed applications. It's a critical part of any Privacy Compliance Programme.
Data Scanning. This technology uses context-sensitive AI detectors to identify structured and unstructured data and greatly increases the efficiency in finding existing data that may not be well organized or classified for regulatory compliance.
Under the regulations, data subjects have the right to know what personal data is being held and processed by a data controllers, along with the right to govern this data (withdraw consent, object to processing, rectify inaccuracies, export the data and delete data). Producing Data Subject Access Requests (DSAR) reports can be extremely time-consuming and expensive and generally must be produced within 30 to 60 days. Automated Data Discovery is therefore invaluable for DSAR processing.
However, Data Discovery by itself is not a panacea and does not directly result in compliance.
Each item of personal data may only be collected, processed and retained for a lawful and specific purpose and can only be retained beyond those purposes under limited circumstances. Producing a DSAR report for data processed or held without a legitimate purpose can backfire on the data controller and be used as evidence in a complaint or lawsuit.
PRIVACY VAULT helps organizations to identify legal purposes for their data. Our focus on this is one of the keys to achieving true compliance outcomes.