Flagging Business Glossary Terms by Privacy Classifications

Douglas Thompson

Flagging Business Glossary Terms by Privacy Classifications

We are looking to expand the attributes we capture in our business glossary.  One of the attributes currently being considered is Privacy Classification (confidential, non-public, etc.).  Why do I want to assign a Privacy Classification to the terms in the business glossary?  What purpose would this serve or problem would this solve?

Thanks

Doug

Merrill Albert

RE: Flagging Business Glossary Terms by Privacy Classifications
(in response to Douglas Thompson)

Is your business glossary tied to your database at all?  People often record the privacy classification so you know what data needs to be protected.  It helps you show what access you need to apply to different data fields.  It's also becoming even more popular now with things like CCPA regulations.

Douglas Thompson

RE: Flagging Business Glossary Terms by Privacy Classifications
(in response to Merrill Albert)

No, our glossary is not tied to our data warehouse.  User access security and masking of personal information is handled via a different process.  At this time, the flagging would be purely for informational purposes. 

The software we use will be providing functionality in the future which can allow users to analyze/profile actual data.  Once that is implemented, I can see flagging and ultimately masking of the personal information to be more important.

Ray Diaz, CBIP, CDP, CSM, ICP-ATF

RE: Flagging Business Glossary Terms by Privacy Classifications
(in response to Douglas Thompson)

Douglas,

I have utilized the HR Open Standards Canonical Data Model's terms and definitions to initiate the Business Glossary. Then I have linked the Terms data elements to Data and Privacy Compliance classifications.