Most privacy products don’t take into account three fundamental data realities that directly impact fulfilling your DSR in a compliant manner.
1. Your organization, like most, has data scattered across databases, warehouses, S3 buckets, Dropbox, OneDrive, and good old windows shared drives.
2. Personal data is spread across these places, and you’re not sure exactly where.
3. To fulfill a DSAR, you must accurately locate (and delete) a given person's data from this scattered data ecosystem.
Most data privacy tools will not help you solve this problem, leaving you vulnerable to significant risk. Here’s why:
Most privacy tools in the market today focus on solving the workflow-like aspects of privacy, such as helping conduct surveys across the organization to try and get a sense of the organization’s data inventory and helping assign tasks to people within the organization to fulfill a subject rights request.
The problem with this approach is that when you don’t know what kind of data is where and who has access to it, you are flying blind. Circulating surveys on top of this can only produce incomplete and inaccurate results.
Doing data privacy right starts with the data.
Unlike other tools, Divebell is designed to understand your data first. It scans your data ecosystem — your databases, warehouses, S3 buckets, and document stores to understand what kind of data is where, what is being done with it, and who has access to it. It builds an accurate map of whose data is stored and where. This discovery-driven foundation is the basis for how Divebell helps you answer your data inventory questions, respond to subject rights requests, etc. Our workflows operate on top of this data intelligence, automating your compliance processes like DSRs, Data Inventory, ROPAs, and PIAs end-to-end, making Divebell a one-stop privacy tool you can trust.
The one question you need to ask:
If you’re evaluating data privacy products, ask your vendor if their solution can automatically classify data across your entire data environment, including image files on windows shared drives. And when they say no, get in touch with us. We believe that doing data privacy right starts with the data.
Any opinions expressed here and statements made are not legal advice, nor representations or warranties, and are intended to promote discussion around technology and data protection.