Key Takeaways
- Sensitive data minimization requires a framework incorporating policies, data discovery, business application mapping, process review and training, governance, and metrics and reporting
- Ongoing sensitive data compliance monitoring builds off previous data discovery work to re-discover and remediate new sensitive data on a set schedule
- Addressing non-compliant sensitive data in the context of the process for which it was collected allows organizations to identify and initiate process improvements that limit personal data collection to only what is necessary.
In our previous posts in this series about file share cleanups and data minimization, we shared an approach for conducting a sensitive data cleanup project in Part 1 and discussed the shortcomings of relying on sensitive data labels alone to drive privacy compliance in Part 2. In this final post, we share an approach for applying the insights from a sensitive data cleanup project to create an ongoing privacy monitoring and minimization workflow.
Once You Understand the Data, Take Steps to Minimize It for Good
Whether your organization is or is not using labels to manage sensitive data where it lives, the steps to minimizing sensitive data collection and managing it through its lifecycle are the same. The framework for full-scale unstructured data privacy minimization needs to include the following elements:
- Policies: Establishing policies for the collection, access, management, storage, and retention of sensitive data. These policies are the guardrails that establish what compliant data looks like based on business need and the agreed-upon level of acceptable risk.
- Discovery & Cleanup of Legacy Data: Conducting data discovery and cleanup on legacy data in unstructured data repositories to uncover, document, and remediate sensitive data in compliance with policy.
- Business Application Mapping: Connecting the discovered sensitive data to the business areas that placed it in the unstructured data repositories.
- Process Review and Training: Having each business area link its discovered sensitive data to the business processes driving collection, then reviewing, revising, and training around those processes as required.
- Governance: Establishing data governance protocols for new data collection processes to ensure compliance with sensitive data regulatory requirements and organizational policy.
- Metrics and Reporting: Conducting re-discovery and measuring and reporting results on an ongoing basis to uncover and address gaps in sensitive data compliance.
Realigning for Rediscovery
In Part 1 of this series, we outlined an approach for using file analysis software to conduct a full-scale unstructured data cleanup. This approach defensibly reduces the volume of accumulated unstructured data, conducts analysis to discover sensitive data within the remaining content, and creates reports by business area for data review and action. The approach also calls on business areas to link discovered sensitive data to the processes for collecting it and to review those processes to identify and address compliance gaps. Preventing misplaced and mismanaged sensitive data once and for all means continuing this work through an ongoing rediscovery process.
Following the recommended three-phase sensitive data cleanup plan we outlined in Part 1 makes shorter work of establishing an ongoing compliance monitoring program. Having an unstructured data inventory, organized by business area, allows you to refresh your data cleanup project plan and conduct rediscovery of sensitive data on a set schedule. Our recommended process is to take the following steps once a cleanup project is completed:
- Establish Rediscovery Cadences: Determine and schedule regular intervals for reviewing unstructured data repositories for sensitive data. How often you review a repository depends on factors including policy requirements, consumer data collection processes, user access levels, the active/inactive status of data, and the level of risk the repository presents. Refreshes can be scheduled weekly, monthly, quarterly or annually to align with the level of risk a business group and repository present, or in alignment with governance team review cycles.
- Add New Data Repositories: Partner with your IT team to determine if any new unstructured data repositories were added since the cleanup. Follow the steps in Part 1 to scope, secure credentials, and map the data in these new locations to the accountable business areas.
- Confirm and Test Credentials: Work with IT to ensure your credentials to access the data repositories for review are current.
- Review the Sensitive Data Discovery Rules: Partner with your privacy compliance team to review the rules for identifying sensitive data, taking care to add any new requirements resulting from regulatory or policy changes.
- Review and Adjust Business Area Designations: Review your previous work to configure your file analysis program to assign discovered data to the accountable business areas and make any changes needed to reflect organizational changes or realignments.
- Run Rediscovery Analysis: Configure your file analysis software to only review and analyze new and changed data since your last sensitive data discovery analysis.
- Report the Results: Create and share reports of changes that incorporate top-level compliance scoring and benchmarking in the sensitive data findings for all impacted business areas.
- Remediate and Review: Confirm that business areas take steps to remediate sensitive data uncovered in rediscovery according to policy. Instruct business areas to review processes and take steps to address the reasons for non-compliance.
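The rediscovery steps above, as an added Python sketch that is not taken from any file analysis product: it scans only files changed since the last discovery run, applies discovery rules, assigns findings to business areas, and summarizes them for reporting. The rule patterns, folder-to-area mapping, function names, and sample files are all constructed assumptions.

```python
import os, re, tempfile, time
from collections import Counter

# Constructed discovery rules (assumption): real rules come from the privacy team.
RULES = {
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}
# Constructed mapping of top-level share folders to accountable business areas.
AREA_BY_FOLDER = {"hr": "Human Resources", "sales": "Sales"}

def rediscover(root, last_scan_ts):
    """Scan only files modified after last_scan_ts; return findings per file."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.stat(path).st_mtime <= last_scan_ts:
                continue  # unchanged since the previous discovery run
            with open(path, "r", errors="ignore") as fh:
                text = fh.read()
            hits = {rule: len(rx.findall(text)) for rule, rx in RULES.items()}
            hits = {r: n for r, n in hits.items() if n}
            if hits:
                top = os.path.relpath(path, root).split(os.sep)[0]
                area = AREA_BY_FOLDER.get(top, "Unassigned")
                findings.append({"path": path, "area": area, "hits": hits})
    return findings

def report_by_area(findings):
    """Count files with sensitive data per business area for reporting."""
    return dict(Counter(f["area"] for f in findings))

def demo():
    """Build a constructed share: one old file, two changed files, one clean."""
    root = tempfile.mkdtemp()
    last_scan = time.time() - 3600
    samples = {
        "hr/old.txt": ("SSN 123-45-6789", last_scan - 10),
        "hr/new.txt": ("SSN 987-65-4321", None),
        "sales/leads.csv": ("jane@example.com", None),
        "sales/notes.txt": ("no personal data", None),
    }
    for rel, (body, mtime) in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
        if mtime:
            os.utime(path, (mtime, mtime))
    return report_by_area(rediscover(root, last_scan))
```

Files that do not sit under a mapped folder are reported as "Unassigned", which flags a gap in the business area designations rather than hiding the finding.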
Making Data Minimization Timeless Instead of Point-In-Time
The approach outlined above establishes a foundation for sensitive data minimization as a new way of working. It moves an organization from a snapshot-in-time picture of privacy compliance to an ongoing process of reviewing and reducing sensitive data. Creating a metrics framework that incorporates top-level scoring and reporting allows organizations to prioritize and focus on what matters most. First, it gives organizations an up-to-date map of where sensitive data currently lives and engages the business owners to redesign their processes to support data minimization. Second, it establishes a regular cadence for reviewing and reporting on the non-compliant storage of sensitive data in those data repositories to prevent future accumulation. Finally, it prompts the organization to ensure data minimization remains at the forefront of policies, procedures, and workflows as the business continues to evolve.