Accessing control through organizational structure
Access to processing activity records can be restricted by using Entity-Based Access (EBA).
User access to processing activity records and related data can be restricted based on an organizational structure. This structure may reflect a legal entity, jurisdiction, business unit, or any segmentation aligned with how your privacy teams operate. This approach enables granular security and supports regulatory compliance for organizations functioning across multiple regions or subsidiaries.
Entity-Based Access (EBA) implements this control by enforcing data segregation according to the defined organizational structure. With EBA, users can only view and manage records for the entities or jurisdictions to which they have been explicitly granted access. Records outside this defined scope remain hidden.
Key characteristics
- Dynamic segmentation: Access can be assigned based on the organizational structure, such as legal entity, jurisdiction, business unit, or any defined grouping. So processing activity records are only visible to the appropriate teams.
- Regulatory alignment: Access controls can be mapped to organizational structures, helping organizations meet local regulatory requirements and maintain clear audit trails.
For information about configuring access control, see Configuring access control.
UI impact
- Processing activity details: Hidden for records outside the user’s scope.
- Data lineage: Information for inaccessible entities is hidden, and navigation buttons on the side panel are disabled.
- Reports and dashboards: Visibility in reports such as processing activity, risk scan, and compliance is filtered based on entity configuration.
Role capabilities
| Role | Capabilities |
|---|---|
| Privacy admin |
|
| Privacy manager | View entity configurations |
| Privacy analyst | Access records for configured entities and their associated downstream entities |
| Privacy business user | Access records for configured entities and their associated downstream entities |