{"id":1604,"date":"2024-02-24T00:13:38","date_gmt":"2024-02-24T00:13:38","guid":{"rendered":"https:\/\/dataprivacyparty.com\/?p=1604"},"modified":"2024-02-24T00:13:39","modified_gmt":"2024-02-24T00:13:39","slug":"data-inventories-arent-scary","status":"publish","type":"post","link":"https:\/\/dataprivacyparty.com\/?p=1604","title":{"rendered":"Data Inventories Aren&#8217;t Scary"},"content":{"rendered":"<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"474\" height=\"222\" src=\"https:\/\/i0.wp.com\/dataprivacyparty.com\/wp-content\/uploads\/2022\/08\/Inventory-1.jpg?resize=474%2C222&#038;ssl=1\" alt=\"\" class=\"wp-image-1607\" style=\"width:770px;height:361px\" srcset=\"https:\/\/i0.wp.com\/dataprivacyparty.com\/wp-content\/uploads\/2022\/08\/Inventory-1.jpg?w=474&amp;ssl=1 474w, https:\/\/i0.wp.com\/dataprivacyparty.com\/wp-content\/uploads\/2022\/08\/Inventory-1.jpg?resize=300%2C141&amp;ssl=1 300w\" sizes=\"auto, (max-width: 474px) 100vw, 474px\" \/><\/figure>\n<\/div>\n\n\n<p><strong>Legal Compliance Requirements<\/strong><\/p>\n\n\n\n<p>One significant new development companies are working toward implementing is a dynamic record of their processing activities. Article 30 of <em>GDPR<\/em> states that all controllers must develop a &#8220;Record of Processing Activities.&#8221; There are seven requirements controllers must adhere to when developing this record, and a data inventory can cover several of those requirements. Most notably, the requirements that controllers must:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Include a description of the categories of data and data subjects;<\/li>\n\n\n\n<li>Relevant third parties who obtain any personal data; and<\/li>\n\n\n\n<li>Data retention thresholds for personal information.<\/li>\n<\/ol>\n\n\n\n<p>The Association of Information Privacy Professionals (<a href=\"https:\/\/iapp.org\/\" title=\"IAPP\">IAPP<\/a>) defines a &#8220;Data Inventory&#8221; as <\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;Also known as a record of authority, identifies&nbsp;personal data&nbsp;as it moves across various systems and thus how data is shared and organized, and its location.&nbsp; That data is then categorized by subject area, which identifies inconsistent data versions, enabling identification and mitigation of data disparities.&#8221;<\/em><\/p>\n<\/blockquote>\n\n\n\n<p>In general, a Data Inventory is a record of data collected, processed, and stored by the organization. Understanding what data you have, and what core functions your business uses that data for, can help you understand how\/if that data is regulated.<\/p>\n\n\n\n<p><strong>A Practical Start<\/strong><\/p>\n\n\n\n<p>Understand what services your organization provides or products your organization develops. This also includes the various details and intricacies involved in the sale or provision of the product or services.<\/p>\n\n\n\n<p><em>What kind of transaction is it? Do we collect additional information beyond an exchange of currency or a promise to pay? Is the transaction recurring on a frequent basis? What data is needed to complete the transaction and provide the service or product?<\/em><\/p>\n\n\n\n<p>Questions like these are a good start to get the ball rolling. Once that ball starts rolling, we&#8217;ll be able do further dig into the technical requirements and systems that are involved in the transaction and the collection of any data.<\/p>\n\n\n\n<p><strong>Benefits Beyond Compliance<\/strong><\/p>\n\n\n\n<p>To put it simply, you know what you have on hand and where it\u2019s located. It gives you a better understanding of your organization. <\/p>\n\n\n\n<p>Beyond the simple benefit of knowing yourself better, other benefits include, but aren\u2019t limited to:<\/p>\n\n\n\n<p>\u2022 Perform analysis to identify trends, opportunities, and weaknesses. <\/p>\n\n\n\n<p>\u2022 Get the \u201cskeleton\u201d in place for building up the organization. <\/p>\n\n\n\n<p>\u2022 Using the data inventory to help train your LLM\/AI\/Automated bot to help you later. <\/p>\n\n\n\n<p>\u2022 Know what to sell at what time and when products are phasing out. <\/p>\n\n\n\n<p>\u2022 Generate more accurate reports and enable end user to be more equipped to succeed in their role. <\/p>\n\n\n\n<p>This list is a start, and not exhaustive. Any other benefits you decide should be left up to you and your processes!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Legal Compliance Requirements One significant new development companies are working toward implementing is a dynamic record of their processing activities. Article 30 of GDPR states that all controllers must develop a &#8220;Record of Processing Activities.&#8221; There are seven requirements controllers must adhere to when developing this record, and a data inventory can cover several of [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"episode_type":"","audio_file":"","podmotor_file_id":"","podmotor_episode_id":"","cover_image":"","cover_image_id":"","duration":"","filesize":"","filesize_raw":"","date_recorded":"","explicit":"","block":"","itunes_episode_number":"","itunes_title":"","itunes_season_number":"","itunes_episode_type":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[1],"tags":[],"class_list":["post-1604","post","type-post","status-publish","format-standard","hentry","category-uncategorized","has-post-thumbnail","fallback-thumbnail"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=\/wp\/v2\/posts\/1604","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1604"}],"version-history":[{"count":5,"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=\/wp\/v2\/posts\/1604\/revisions"}],"predecessor-version":[{"id":4161,"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=\/wp\/v2\/posts\/1604\/revisions\/4161"}],"wp:attachment":[{"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1604"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1604"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dataprivacyparty.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1604"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}