Live Data Map Overview
DataGrail's Live Data Map Product provides a comprehensive and dynamic view of the privacy risk in your systems. Your privacy team will use Live Data Map to:
- Review how many and which systems contain Personally Identifiable Information (“PII”) that must be disclosed or deleted as part of data privacy requests according to regulations such as GDPR and CCPA.
- Proactively detect "Shadow IT" or systems containing personal data that may have never gone through an accurate security or privacy review.
- See which apps are processing sensitive personal information, utilizing AI, and more, so you can prioritize privacy efforts.
- Prepare a Record of Processing Activities (RoPA), required as a living document for GDPR compliance.
Live Data Map also supports Responsible Data Discovery (“RDD”) for integrated third-party SaaS applications. Depending on your DataGrail agreement, your team may also have access to RDD for on-premises or first-party data sources. Contact your Customer Success Manager for more information on what's included in your Live Data Map plan.
Jump Ahead
- How do I navigate Live Data Map?
- Who uses Live Data Map?
- What is involved in implementing Live Data Map?
- How is Live Data Map maintained once launched?
Tour Live Data Map
Live Data Map consists of three main features, which you can learn more about by clicking the links below:
Live Data Map Users
The following User Roles have access to the Live Data Map product:
The Live Data Map Admin role allows users to complete any action associated with Live Data Map, including the functions of the Inventory Manager. LDM Admins can also add and remove systems, categorize systems, and edit the configuration of the exports.
The Inventory Manager role grants users the ability to manage and export Inventory System Reports. Inventory Managers may be assigned specific systems or have access to all systems for an organization.
Implementation Summary
To begin using Live Data Map for visualization and analysis of high risk systems, you will need to populate the System Inventory.
DataGrail provides three methods to populate your System Inventory:
-
System Detection: DataGrail integrates with popular SAML/SSO providers (i.e. Salesforce, Okta, Google Apps) to identify third-party systems within your organization. We utilize our extensive internal systems network as well as external third-party app catalogues like G2 to provided automated results you can trust.
-
Manual System Entry: For systems that cannot be identified through supported integrations or that are isolated within your tech stack, they can be added to your inventory manually. With manual system entry, reports can be generated for any system, regardless of their visibility or relation to other integrated systems.
-
Responsible Data Discovery (RDD): To perform Data Classification, DataGrail utilizes a containerized API agent to locate and identify structured, semi-structured, and unstructured data in your systems.
Live Data Map Features
System Inventory
The System Inventory allows you to have a comprehensive view of systems within your organization, what personal data they process, and the inherent risk associated with each. Our goal is to help you understand where privacy risk lives across your systems through ongoing system detection, surfacing PII risk and allowing you to capture the measures in place to manage that risk.
System Profile
The System Profile Page (previously Inventory System Reports) is a home base for systems, where you can leverage a variety of capabilities including managing business processes and use cases, risk assessments, and more!
- Leverage DataGrail's Instant Risk Classification to quickly understand whether a system processes sensitive personal data or has AI usage.
- Manage high-risk systems by capturing the associated Business Processes, use case, owners and more!
- Generate Risk Assessments on high-risk systems to proactively identify and mitigate risks.
Data Classification
Responsible Data Discovery ("RDD") takes system detection a few steps further, revealing the presence of PII in your systems while operating within the strictest security guidelines.
Purpose-built data models and abstracted machine learning allow DataGrail to identify and report on sensitive data without ever surfacing or transmitting the sensitive details.
Further Reading
To better understand data-mapping inside and outside of DataGrail, check out these resources:
- Data mapping 101: More context on why data mapping is done and how organizations accomplish it.
- Data mapping for GDPR compliance: Full compliance on DSR processing under GDPR requires a complete and integrated data map.
- What is sensitive personal information? Data classification is an important step of data mapping; learn more about what constitutes as sensitive personal information.
- Life360 case study: Learn how Life360 utilized Live Data Map to proactively classify and address sensitive data risk.
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.