Data Inventory and Mapping Webinar Recording

Presented by: IAPP & OneTrust

In this webinar, we discussed:

  • Why data mapping is a critical process for compliance with the GDPR (Article 30), as well as data governance success
  • An overview of the data mapping process, what it is, and how you do it
  • Operational tips and best practices
  • Real world examples and applications of data mapping

Watch Now

Data mapping and inventory are critical components of any privacy program. Understanding how data is flowing through the organization is a pre-requisite to being able to secure the data and analyze the data for risks. Maintaining an inventory also helps organizations more efficiently respond to data subject rights request to delete, correct, access, or port their data.

In the EU’s new General Data Protection Regulation (GDPR), organizations are expected to maintain extensive and up-to-date internal records of their data processing activities. According to Article 30 of the GDPR, organizations will be held accountable for compliance with record keeping requirements, with equal responsibility given to both data controllers and data processors.

OneTrust provides a simple and automated solution for data mapping, designed to address compliance with GDPR Article 30 record keeping requirements and self-certification with Privacy Shield for data transfers. OneTrust Data Mapping enables organizations to visualize the entire data lifecycle, maintain an evergreen data inventory (data processing register), identify gaps and track recommendations, evidence and approvals for remediating risk.