Data mapping (register of personal data)

An accurate register or ‘map’ of personal data is the prerequisite that informs every other data protection control. To be able to make any decisions at all and to verify that you have satisfactory controls in place, you first need to know precisely what you are processing.

Overview

Article 30 of the GDPR requires organisations to maintain a crystal clear record of the personal data that they process. And, the record must include, for each type of personal data, the reasons for processing and the controls.

We’ll provide you with a map of your personal data, in plain language and in a dashboard format that’s easy to maintain.

Prices from £1925.00 plus VAT

Your data is at risk

Your data is at risk…

To establish effective controls and safeguards (and to get the most out of the personal data that you process) you need a crystal clear picture or ‘map’ of the personal data that you process.

In a nutshell; if you don’t know precisely what you have, it’s impossible to safeguard it, manage it or to be sure that you are complying with the regulation and legislation. Without a crystal clear data map;

  • Avoiding or dealing with data breaches is harder.
  • Handling Data Subject Access Requests takes much longer.
  • You are effectively blindfolded when making purchasing and management decisions around software, hardware, training and policies.
  • Safeguards for remote or homeworking have limited value.
Data Map

So, how does Databasix produce a unique data map?

We work with you to determine what data you are processing. We conduct a detailed survey and ask you questions as we 'deep dive' into your data processing sets and controls.

You don’t need to be an expert to answer the questions. We know what we're looking for and it's our job to ask the right questions in plain language. Occasionally, there might be one or two points that we need to clarify with someone in your organisation in a specialist role, such as from your HR, sales, marketing or IT teams, in which case, we'll schedule some time with them.

For every item of personal data, we identify:

  1. What it is.
  2. Why you've got it.
  3. The legal basis.
  4. Where it is.
  5. What format(s) it's in.
  6. Who has the ability to see or share it.
  7. How retention and destruction are determined and actioned.

Usually the survey and questions take around half a day and then we need another day back at our office to document everything and to produce your shiny new data map!

Data Mapping

Why it’s so useful…

  • Privacy policies are easier to write and update
  • Respond to individual rights more effectively and efficiently (inc. Data Subject Access Requests)
  • Assess and manage data breaches more quickly
  • Identify where higher risk data needs more protection
  • Supports decision making about technology, training and systems

Contact us to help with your data mapping

Get in touch with us to discuss how we can help you map your data.

Latest News & Events

How Many Data Protection Principles Are There?

The data protection principles are laid out and explained in Article 5 of the UK GDPR. These principles are the backbone of data protection, outlining the essentials to being compliant with GDPR when handling data, and your approach to processing personal data should be intrinsically tied to these principles.

Read more

Register for News from Databasix

If you would like to stay up to date with the latest news and events from Databasix please click below, add your details and you will be added to our mailing list.

Contact Databasix

Email info@dbxuk.com
Tel 01235 838507

Databasix UK Ltd
is a registered company in England & Wales
Registration No. 08771007

Harwell Innovation Centre
Building 173
Curie Avenue
Harwell Oxford
Didcot
Oxfordshire
OX11 0QG