Many of the attempts we see to audit, and document processing activities are highly inaccurate, inefficient and very manual – quite often relying on things like Excel or GCP. This makes it extremely difficult to prove compliance when needed and doesn’t make commercialising that information easy. Businesses need to start making efforts to understand where their data sits today, and where it will be going in the future.
Internal Data Tracing
Data tracing is the ability to understand where personal data ends up in your business. This includes understanding where data is copied to, and cases in which data may be partially copied. It can also include information about who has accessed it, what systems are actively processing it, and what has happened to it over its lifecycle in the business (e.g. rectification, masking, deletion, etc).
For businesses and their own systems, data tracing is largely about data breaches and the avoidance of large fines. While many data breaches can be attributed to the proliferation of personal data and lack of security around systems, high profile breaches can also happen in which failure ‘to keep appropriate tabs’ on customer data can mean companies underestimate the care with which systems that hold it should be given. Another simple example for regulation is DSRs: businesses have only 30 days (and in some countries only 15) to return a complete declaration of a customers’ data. Being able to query a centralised system or database that can return a map of an individual’s data across your businesses will save you time, money and headaches, and might also save you a large fine.
3rd party data tracing
One of the biggest issues we see is that most business can’t properly answer how, why and for how long data is used or accessed within their own company, let alone when a 3rd party provider is involved. A growing problem in the world of privacy is the increasing number of data breaches that are occurring due to the hacking of 3rd party processors. Recent industry reports suggest that over 60% of security breaches occur via a 3rd party. These data breaches are now not only a regular occurrence but, according to recent Gartner reports, are also on average $700,000 more expensive. Businesses need to understand if they can first minimise the amount of data they are sharing with partners, and then need to keep contextual records of what data they have shared, why, and for how long.
But it’s not always about regulation: 3rd party data tracing can have financial benefits too. Take the example of partnerships that operate on a referral or product matching basis: the ability to guarantee lead reconciliation amongst partners can affect not only the bottom line, but partner relations, marketing budget, product matching algorithms and more. True data tracing here requires a system that is able to identify individuals across multiple business entities, no matter how each partner IDs their customers.
Data tracing with Trunomi – reducing risk and gaining value
Trunomi’s TruDataTrace uses patented technology to provide businesses with Privacy compliance and intelligence around their personal data. With TruID and TruCert™, Trunomi can trace data easily across a business’ systems, databases, 3rd party tools and partners, providing stakeholders with a single, global view of where their customer data resides. TruID is a completely safe representation of a customer and - as a linkable, immutable record - provides your business with an auditable view of all events as they relate to the ID over a given period of time. Contextual TruCert™ can record intelligence around customer data over its entire lifecycle within your business, which can be used to prove compliance, automate manual processes and drive revenue.
If you’d like to learn how TruDataTrace can help your organisation or request a demo, please get in touch at firstname.lastname@example.org.