Identifying your risks and opportunities.
Data mapping and classification can help identify your data flows to maintain your processing activities.
GDPR data mapping and classification
Overview
All organisations are required to manage their data processing activities. To do this, it is important that you understand what personal data you hold, where it came from and where that data goes. Additionally, organisations with more than 250 employees or smaller organisations with higher-risk data processing activities, are also required to maintain records of these data processing activities.
With personal data flowing in and out of multiple departments within your organisation, this can seem like a daunting task. LRQA’s data mapping and classification service can help you identify the data flows throughout your organisation ensuring you meet the GDPR requirements.
How can LRQA help?
LRQA’s GDPR data mapping and classification service can support you through the process and identify all your data flows throughout your organisation, which can help you to comply with the GDPR. This assessment will include:
- Data discovery – The development of data inventory of the personal data that you request, process and store.
- Data classification – The categorisation of personal data, including sensitive data, that you process or store, which has more stringent requirements under the GDPR.
- Data mapping – The identification of who has access to your personal data to ensure that your data is secure and that your people are adequately trained in data protection. It will also highlight the points within your processes where data is transferred to another processor.
- Risk assessment – The identification of risks relating to the GDPR principles – for example, opportunities for data minimisation.
