Learn about privacy assessments (preview)
Organizations today face significant challenges in maintaining current justified documentation of data usage across their data estates. The assessment of personal data use often involves manual and time-consuming tasks like generating and updating custom questionnaires as well as monitoring data use across the business, hindering the privacy team’s ability to keep up with the rapidly evolving business use of personal data. As a result, privacy impact assessments are performed retrospectively or quickly become stale, failing to accurately reflect the current state of data use within the organization.
Microsoft Priva Privacy Assessments (preview) automates the discovery, documentation, and evaluation of personal data use across your entire data estate. Using this regulatory-independent solution, you can automate privacy assessments and build a complete compliance record for the responsible use of personal data. Your organization can easily embed your custom privacy risk framework into each assessment to programmatically identify the factors contributing to privacy risk. With customizable privacy rules, an assessment can be automatically assigned when a change in data processing is detected in your Data Map.
Scenarios for privacy assessments
As a privacy professional, you can accomplish the following tasks with privacy assessments:
Automate the creation of privacy assessments: Create custom assessments tailored specifically to your organization. Use the easy editing interface to create the assessment you need to capture critical information about your organization’s data use.
Monitor personal data usage: Create and customize privacy rules that automatically monitor data usage in your data map and trigger an assessment when a change in data processing is detected.
Evaluate privacy risks: Create a customized privacy risk framework that can be operationalized through privacy assessments.
Other compliance stakeholders in your organization, such as business owners and engineers, can accomplish the following tasks with privacy assessments:
Register and model the use of personal data in the Microsoft Purview Data Catalog using logical business assets in the metamodel. The class of assets, such as projects, applications, and business processes, allow for defining of concepts and representing uses of data to contrast from other assets that depict physical data like a table or database. Throughout the documentation for privacy assessments we will refer to this class of assets as projects.
Define the relationship between the business asset representing the data use and the physical data assets associated with that use.
Collaborate on, complete, and submit an assessment response comprehensively describing and documenting the data use.
Next steps
Visit Get started with privacy assessments to learn about roles, terminology, and understand the overview page.
Configure the metamodel and register assets in preparation for assigning assessments.
Learn how to create and manage privacy assessments.
Set up privacy rules so that assessments can be automatically assigned whenever a change in data processing is detected.
Legal disclaimer
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for