Key Needs for Data Privacy
Define and manage governance policies
Define what is sensitive, what is not, and define how that personal or sensitive data should be treated. Refer to Fordham’s Data Classification and Protection Policy.
Discover, classify and understand personal and sensitive data
Based on the definitions, where is this data? What functions, people, and applications have access? Refer to Fordham’s Data Classification Guidelines.
Map identities
Ensure you have the ability to reference privacy data by individuals or subject names.
Analyze data risk, establish protection plans
Know your data privacy risks, be able to prioritize them, and simulate the best way to remediate them before spending; you can’t fix everything at once.
Protect data, manage subject rights and consents
Make it easy to take action, whether protecting data, managing rights, or monitoring for violations.
Measure, communicate, audit readiness
Keep key stakeholders informed of program progress and issues, and provide an immediate response to auditors.