Data Flow Mapping is the process of documenting the flow of information from one physical location to another. It enables you to track data from its entry point into your organisation, right through to its exit point – and everywhere in between. Getting a handle on how, where and why data moves through your organisation is central to complying with GDPR. Let me explain why.
Risk is one of the critical themes of GDPR. It is mentioned over 60 times in the regulation. With such a keen focus on risk, you need to be able to properly risk assess your data, your systems and your processes. Until data flows have been assessed and mapped they cannot be effectively secured against known risks – which will lead to data breaches and large fines from the Information Commissioner’s Office (ICO). With fines due to be reaching up to 20 million Euros, or 4% of turnover (whichever is higher), you really cannot afford to take this lightly.
For an over of GDPR, read our blog: What is GDPR?
Data Flow Mapping will do a number of things that will help you to get compliant with GDPR. Not least of all because, should the worst happen and a data breach occurs, being able to show the ICO evidence that you have done things like Data Flow Mapping to reduce those critical risk levels will mean lower fines and less harsh sanctions.
Data Flow Mapping will also:
Once completed, it will become clear where the risk points are, and how you can reduce them. For example, you’ll be able to discover if a department has access to data that it shouldn’t, or whether you are holding on to data for too long if it doesn’t have a clear exit path. As we have already said, reducing these risks is what becoming GDPR compliant is all about.
Later this week we'll be talking in more detail about Data Flow Mapping, how to get the most out of it, and the best approaches to use with it. Keep your eyes peeled.
GDPR is coming, and will impact every organisation. With less than a year to go its important that people get a handle on their data, or risk the ICO’s wrath. If you’d like to know more about how Data Flow Mapping can help you become GDPR compliant, talk to us today.
Head of Consulting
Jon has spent 30 years in the IT industry positioning and developing disruptive & transformative technologies. He has worked extensively in Silicon Valley, Asia and Europe and has experience of working with VC’s and private equity ﬁrms and was recently part of a successful IPO on AIM. Jon is a high energy, strategic leader with integrity and a track record of delivering high growth. He is proud of his achievements and the businesses and teams he has helped to build.