Data Maps and Data Inventories

Extract from article by David Zetoony

Knowing the type of data that you collect, where it is held, with whom it is shared, and how it is transferred is a central component of most data privacy and data security programs. The process of answering these questions is often referred to as a “data map” or a “data inventory.” Outside of the United States some attorneys may be more familiar with the term “data register.”

Although the questions that a data map tries to solve are relatively straightforward, the process of conducting a data map can be daunting for many organizations. In addition, it is important to remember that data constantly changes. As a result, organizations must consider how often to invest the time to conduct a data map and, once invested, how long the information will be useful.

75% The percentage of privacy officers ranking data inventory and mapping as their highest priority for risk mitigation.

Additional Reading: