General Data Protection Regulation (GDPR) (EU Safe Harbour v2)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2017 02:34 PM
We are a relatively small company (e.g. <100 employees), and we don't need the full-blown GCR module, etc. I was curious if anyone has come up with a good way to track data information, lifecycle, etc. I'm wondering if this could be handled with an extension of the CMDB_CI table and/or maybe a separate table, with a relationship to the CMDB_CI.
If not, I'm going to work on something, and I'm happy to provide whatever I come up with (if it is any good). But if anyone has already built and solved this problem, I would love to hear how you did it and/or any other advice anyone may have.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2017 10:32 AM
Thanks again for your response, harshtimes. (and I hope you're not really having harshtimes)
I think I'm confusing the issue by using "track". Every company has "data" they maintain. I need a way to record and categorize ('track') this data, and capture things like, who uses this data, for what, what systems interact with this data, is this data in-scope for GDPR.
I'm coming around to the idea that we setup a discrete table to define the data types (e.g. customer contact information, employee contact information), and add fields to indicate how it's used, where it's used, and what systems (CIs) interact with it.
If you or anyone has any better ideas, please let me know.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2018 09:51 AM
Hi John
I'm after the same as you - to have a way to flag specific CI's as to data owner, data usage, retention, and GDPR scope - possibly even more details.
Did you eventually implement your own suggestion and if so, did that meet your needs?
Or perhaps you found a solution elsewhere?
Thanks
Andy
