Privacy Program Management Use Case Design

The Data Identification Assessment questionnaire helps you inventory your information assets. The questionnaire targets the Applications application and contains questions to assist you in identifying personal or sensitive data.

The Data Protection Impact Assessment questionnaire allows you to conduct data protection impact assessments (DPIAs) to further assess processing activities that have been initially determined to be high-risk due to the sensitivity of the data or the way the data is handled.

The Data Protection Projects application acts as a central hub for scoping data protection projects based upon a number of processing activities, business processes, or information assets. Once relevant data has been added to the scope, you can generate targeted assessments to assess the privacy impact of the relevant data. Additionally, if you consider the tagged data to be sensitive enough to warrant such an action, the Data Protection Projects application provides you the ability to perform a Data Protection Impact Assessment.

The Question Library application stores assessment questions that you can reference and copy into a questionnaire. Each question is stored as an individual record, and each record contains information including the question and answer text as well as information necessary to display and score the question. Depending on the solution that you have licensed, the Question Library contains a large set of pre-built questions by default. In addition, you can add new questions and store them in the Question Library.

For the Privacy Program Management use case, you can use the questions in the library as needed when creating a Privacy Impact Assessment, Data Identification Assessment, or Data Protection Impact Assessment.

As part of a data protection project, the Privacy Impact Assessment questionnaire allows you to assess the risk posed to your organization by how you collect, use, disclose, and secure users' personal information.

The user responsible for installing and maintaining the use case. This role provides create, read, update, and delete rights to the use case.

The user responsible for ensuring data quality and data upkeep in the system. This role provides create, read, update, and delete rights to the use case.

Members of your organization's data privacy team. This role provides a combination of create, update, and read rights to the use case.

Members of your organization's legal team. This role provides a combination of create, update, and read rights to the use case.

Experts on data privacy who work independently to ensure that an entity is adhering to the policies and procedures set forth in applicable regulations. This role provides a combination of create, update, and read rights to the use case.

Individuals within your organization who are responsible for managing the data subject information under their purview and ensuring that it is processed appropriately and responsibly. This role provides a combination of create, update, and read rights to the use case.

Members of the regulatory body who need access to data in the system. This role provides read-only access to the use case.

Displays summary information about open regulatory communications, privacy impact assessments, and data identification assessments.

Only users assigned to the DPM: Data Protection Officers role can access the Data Protection Officer (DPO) dashboard.

Displays summary information about open privacy impact assessments.

Only users assigned to the DPM: Data Custodian role can access the Data Custodian dashboard.

Allows you to auto-scope a data protection project by identifying the specific processing activities that you want to include. The feed gathers information assets, business processes, facilities, applications, devices, and third parties related to the selected processing activities and relates them to the data protection project.