Knowing the type of data that you collect, where it is being held, with whom it is being shared, and how it is being transferred is a central component of many data privacy and data security programs. The process of answering these questions is often referred to as a “data map” or a “data inventory.”

Although the questions that a data map tries to solve are relatively straightforward, the process of conducting a data map can be daunted depending upon the size and structure of an organization. In addition, it is important to remember that data and its location can be in constant change within an organization. As a result, organizations must consider how often to invest the time in a data map and, once invested, how long the information will be useful.

Click here to view the table.