Privacy new case form
On the new privacy case form, fill in the fields.
| Field | Description |
|---|---|
| Number | Number of the case. This field is automatically set. |
| Title | Name of the case. For example, Customer records compromised by unprotected back-up database. |
| Type | Nature or type of case. This field is automatically set to Privacy case. |
| State | Workflow state of the case. This field is automatically set to New. |
| Requester | Person who reported the case. |
| Primary entity | Entity impacted by the case. Only the entities identified in the impacted areas are available for selection as the primary entity. |
| Sub-type | Sub type of case. For example, Documentation Loss. |
| Priority | Priority of the case. The choices are as follows:
Note: The default value in this field is set to
Planning. |
| Requested on behalf of | Name of the person on whose behalf you’ve created the case. |
| Entity owner | User who is the owner of the entity. This field is automatically set based on the entity selected in the Impacted areas related list. |
| Description | Brief description of the case. |
| Personal information | |
| Contains personal information | Field to decide if the breach contains personal information. The choices are as
follows:
|
| Number of impacted individuals | Number of people impacted by the case. |
| Categories of data subjects/individuals impacted | Define who is impacted by the case. The choices are as follows:
|
| Assignment | |
| Assignment group | Group assigned to the case. Note: The assignment group is preconfigured to the
case type during configuration setup. |
| Case analyst | Analyst who will analyze and work on the case. The case analyst is a part of the Assignment group. |
| Watch list | People who must be aware of the case. |
| Accountable executive | Executive who is accountable for the case. |
| Primary origin | |
| Location | Location where the case occurred. For example, the location is Japan. |
| Impacted business unit | Business unit that is impacted by the breach. |
| Source | Source of the case creation. This field is automatically set to Manual when the case is manually created. If the case is reported from the Employee Center, the field displays the source as Employee Center. |
| Additional source | Mode of how the case is reported when the case is created manually. This field is
available only when Manual is selected from the
Source field and the record is saved. The choices are as
follows:
|
| Sub-location | Sub location of the case occurrence. For example, the sub location is Tokyo. |
| Impacted department | Department impacted by the case. The choices are as follows:
|
| Source record | Source record of source object from where the case is created. For example, if the case is reported from risk events, then this field displays the name of the risk event from which the case is reported. |
| Schedule | |
| Date of occurrence | Date the case occurred. For example, the case may have occurred on 18-02-2022. |
| Date of discovery | Date the case is discovered by you. For example, the case may have occurred on 18-02-2022, but is discovered by the user only on 12-03-2022. |
| Reported date | Date the case is reported. |
| Case closure SLA | Expected date of case closure. |
| Investigation planned start | Planned start date to investigate the case. |
| Investigation actual start | Actual start date of case investigation. |
| Remediation planned start | Planned start date to remediate the case. |
| Remediation actual start | Actual start date of case remediation. |
| Investigation planned end | Planned end date to investigate the case. |
| Investigation actual end | Actual end date of case investigation. |
| Remediation planned end | Planned end date of case remediation. |
| Remediation actual end | Actual end date of case remediation. |
| Breach analysis | |
| Breach status | Status to indicate if a breach has occurred or not. The choices are as
follows:
|
| Breach start | Date the breach started. This field only appears when Breach detected or Future potential is selected from the Breach status field. |
| Reporting status | Status of the case being reported to the regulators. This field is automatically set based on the reporting status of the regulations associated with the case. If a case has many regulations and even if one regulation is identified as reportable, then the reporting status of the case is set to Reportable. The default value of this field is To be determined. |
| Breach end | Date the breach ended. This field only appears when Breach detected or Future potential is selected from the Breach status field. |
| Breach significance identified | Date when the user identifies that the breach is significant. This field only appears when Breach detected or Future potential is selected from the Breach status field. |
| Root cause analysis | |
| Primary cause | Primary cause of the case occurrence. This field is automatically set to the primary cause that is selected in the Cause and consequences related list. |
| Related consequence | Consequences of the primary cause for the case. |
| Overall observations | Observations made regarding the case. |
| Remediation taken | Field to indicate if remediation measures have been taken to address the case.
The choices are as follows:
|
| Overall preventive measures | Preventive measures taken toward the case. |
| Activity | |
| Work notes (Private) | Notes or information regarding the case. |
| Additional comments (Customer visible) | Additional information regarding the case for the customers. |