3 Privacy and data governance part 1: data classification

 

This chapter covers

  • Data Classification: what it means in the context of your customers and their privacy
  • Why Data Classification is Necessary
  • How you can implement Data Classification from a technical and practical viewpoint
  • How Data Classification could help satisfy your compliance challenges
  • How the Data Classification process could work cross-functionally
  • An end-to-end Data Classification process

In the first two chapters, we developed an understanding of privacy and what it means for your business. We then built a mental model that connects privacy to trust and safety, so that rather than an altruistic abstraction, privacy becomes a critical business goal.

Subsequently, we identified data as the building construct for privacy because of

  • its power to identify individuals,
  • its abundance thanks to ubiquitous internet connectivity, universally accepted IDs like Google, Facebook and other device IDs
  • its ability to shape and influence behavior by way of machine learning and artificial intelligence
  • its potential to create often irreversible harms if used inappropriately or exfiltrated

Since protecting user privacy is critical for your company to maintain trust with users and maintain credibility with regulators, media and privacy activists, it follows logically that your privacy-related efforts need to focus on data.

3.1      Data Classification and Customer Context

3.2      Why Data Classification is Necessary

3.2.1   Data Classification as part of Data Governance

3.2.2   Data Classification: How it helps align Priorities

3.2.3   Industry Benchmarking Around Data Classification

3.2.4   Unstructured Data and Governance

3.2.5   Data Classification as part of your Maturity Journey

3.3      How you can implement Data Classification to improve Privacy

3.3.1   Data Classification and Access Options

3.3.2   Data Classification, Access Management and Privacy - example #1

3.3.3   Data Classification, Access Management and Privacy - example #2

3.4      How to Classify Data to avoid Confusion around Privacy Laws

3.4.1   Data Classification as an Abstraction for Privacy Laws

3.4.2   Data Classification to resolve tension between interpretations of Privacy Laws

3.5      The Data Classification Process

3.5.1   Working with cross-functional stakeholders on your Data Classification

3.5.2   Formalizing and Refactoring your Data Classification

3.5.3   The Data Classification Process: A Microsoft template

3.6      Data Classification: An Example

3.7      Summary

sitemap