Is Your Data Governance Ready For Privacy? A Quick Assessment

This short self-driven assessment evaluates foundational data governance blocks needed for data protection.  Please answer these questions with Yes, Partial, or No.

1. Do you track data storage location as part of your data map?
2. Have you mapped and identified sensitive data?
3. As part of data mapping, do you audit if data sources are secured and encrypted?
4. For personal data, do you maintain ‘ the purpose of collecting data and Consent or a legit basis for processing?
5. Do you maintain metadata about data subjects ‘ Geography, Type (Employee, Customers, Partners), Is minor?
6. Have you mapped the data flow inside your organization?
7. Do you know who consumes data? Have you audited access privileges and documented processing activities?
8. Do you maintain data lineage?
9. Have you documented vendor/partner data sharing activities?
10. Do you have a data ownership/stewardship structure?

Classifies your organization’s data governance into the following categories based on the number of questions that you answered ‘yes’ or partial.

> 6 Yes – You have the building blocks to protect data and privacy.

3- 5 Yes or Partial –  Processes can help achieve privacy compliance but requires manual efforts in executing processes.

Less than 3 Yes – Not ready for privacy. Hard to identify privacy vulnerabilities and triaging incidents.

Today’s data environment is very complex and privacy laws are getting stricter. Data governance is more important and highly complex than ever before. ‘DataGovOps‘ is an emerging area of job function that aims to automate and simplify data governance.