Data mapping is the process of finding out as a company:
What & Whose data you process?
Why do you process this data?
Where do you process this data?
Getting this information in one place enables you to evaluate your exposure to different privacy laws like GDPR, CCPA, HIPAA, etc.
Benefits of Data Mapping:
Record of Processing Activities Report or GDPR Article 30 Report: One of the key documentation requirements of GDPR is to maintain an up-to-date RoPA report. We automatically generate this report which can be exported as well.
Cross-Border Transfer: Visualize cross-border transfers and apply appropriate transfer mechanism for each transfer
Data Flow Diagrams: Automatically generate a data flow diagram and see how data moves across your organization
Data Mapping Basics:
Our product streamlines and automates data mapping. You need to capture the following to create a data map:
Entity: List of legal entities like holding company, subsidiaries who owns processing activity, assets and vendors. Use entity to separate out processes, assets & vendors between your group companies.
Processing Activity: A business process where personal data is used to achieve business goals or purposes.
Asset: Information systems, databases, applications where data is processed. An asset can be internal(managed by you completely) or external(provided by a third party like a SaaS application)
Vendor: Third parties providing a service or product to your company.