Data Tracing: businesses now need to understand where their customer data is going

Data Tracing: businesses now need to understand where their customer data is going

<- Back to all Blogs  
3 min Read   |  Published: Wed Nov 25 2020
Knowing where data sits in your businesses is a hard question for many companies to answer. Global Privacy regulation now makes this question more prevalent, with the introduction of Data Subject Requests (DSRs), records of processing activities, data retention and breach notification policies, introduced by the GDPR, LGPD, CCPA and more. From a regulatory perspective, not knowing where data sits in your business can cost you time, effort and resources, and in some cases a potentially huge fine. However, businesses have strong commercial reasons to understand where their personal data ends up: campaign performance, customer conversions and lead reconciliation across partners are just a few.
Many of the attempts we see to audit, and document processing activities are highly inaccurate, inefficient and very manual – quite often relying on things like Excel or GCP. This makes it extremely difficult to prove compliance when needed and doesn’t make commercialising that information easy. Businesses need to start making efforts to understand where their data sits today, and where it will be going in the future.

Internal Data Tracing

Data tracing is the ability to understand where personal data ends up in your business. This includes understanding where data is copied to, and cases in which data may be partially copied. It can also include information about who has accessed it, what systems are actively processing it, and what has happened to it over its lifecycle in the business (e.g. rectification, masking, deletion, etc).

For businesses and their own systems, data tracing is largely about data breaches and the avoidance of large fines. While many data breaches can be attributed to the proliferation of personal data and lack of security around systems, high profile breaches can also happen in which failure ‘to keep appropriate tabs’ on customer data can mean companies underestimate the care with which systems that hold it should be given. Another simple example for regulation is DSRs: businesses have only 30 days (and in some countries only 15) to return a complete declaration of a customers’ data. Being able to query a centralised system or database that can return a map of an individual’s data across your businesses will save you time, money and headaches, and might also save you a large fine.

3rd party data tracing

One of the biggest issues we see is that most business can’t properly answer how, why and for how long data is used or accessed within their own company, let alone when a 3rd party provider is involved. A growing problem in the world of privacy is the increasing number of data breaches that are occurring due to the hacking of 3rd party processors. Recent industry reports suggest that over 60% of security breaches occur via a 3rd party. These data breaches are now not only a regular occurrence but, according to recent Gartner reports, are also on average $700,000 more expensive. Businesses need to understand if they can first minimise the amount of data they are sharing with partners, and then need to keep contextual records of what data they have shared, why, and for how long.

Data tracing with Trunomi – reducing risk and gaining value

Trunomi’s TruDataTrace uses patented technology to provide businesses with Privacy compliance and intelligence around their personal data. With TruID and TruCert™, Trunomi can trace data easily across a business’ systems, databases, 3rd party tools and partners, providing stakeholders with a single, global view of where their customer data resides. TruID is a completely safe representation of a customer and – as a linkable, immutable record – provides your business with an auditable view of all events as they relate to the ID over a given period of time. Contextual TruCert™ can record intelligence around customer data over its entire lifecycle within your business, which can be used to prove compliance, automate manual processes and drive revenue.

If you’d like to learn how TruDataTrace can help your organisation or request a demo, please get in touch at [email protected].