WHAT IS THE DATA INVENTORY SERVICE?
WHY DO I NEED IT?
Companies regulated by NYS Department of Financial Services must take a risk-based approach to protecting Non-Public Information (NPI). You can’t meet your obligations without a data inventory that maps out where NPI exists across the organization and with third-parties. Senior management must submit an annual certification of compliance with the requirements. Companies risk hefty fines for violations and termination of CIO.
Companies operating in the Dubai International Financial Center (DIFC) must take all steps necessary to protect personal data and ensure processing is secure and lawful. Compliance requires identifying and documenting personal data processing activities for all media types. Companies must develop and maintain a comprehensive data inventory to adequately meet the requirements.
Companies must take all steps necessary to protect the personal data of EU/EEA citizens. At a minimum, companies must develop and maintain a specifically formatted data inventory and compliance reporting to demonstrate due diligence and regulatory compliance. Corporate reputation, fines, penalties and litigation are at stake.
Companies should know what personal information they have in files and on computers, protect the information that is retained and properly dispose of what is no longer needed.
A key focus of the requirements is limiting access to sensitive data. An up-to-date data inventory provides essential information regarding access rights and other critical elements.