The following asset types, resource roles, and domain types related to Data Privacy are packaged and available out of the box in every Collibra environment. These are activated only for those who have purchased Data Privacy.
The Data Privacy Operating Model file is available on the Downloads page. This file contains the entire Data Privacy operating model, which includes the following:
- Data Privacy asset types added via the installation files.
Examples: Contract, Remediation Plan, and Safeguard asset types. - Changes made by the installation files to the packaged asset types in Collibra.
Examples: New characteristics added to Business Process, Data Category, and Data Set asset types.
Asset types
The following Data Privacy asset types, including their dependencies such as characteristics, statuses, and roles, are included in the packaged operating model:
- Data Subject Category
- Jurisdiction
- Legal Basis
- Party
- Vendor
- Processing Category
- Purpose
- Regulation
- Risk
- Control
The remaining Data Privacy asset types are deployed via the installation files.
Resource roles
The following Data Privacy resource roles are packaged:
- Business User
- Data Protection Officer
- Data Steward
- Privacy Steward
These resource roles are required to work with Data Privacy workflows, which are deployed via the installation files.
The following table contains the attributes of the aforementioned resource roles.
| Name | Description | ID | Permission | System |
|---|---|---|---|---|
| Business User | A user with responsibility over a domain, subject or process that is also user of the solution, application or tool. | c0e00000-0010-0010-0000-000000000002 | ['ASSET_ATTRIBUTE_CHANGE', 'COMMENT_REMOVE', 'RATING_REMOVE', 'VIEW_PERMISSIONS_CHANGE', 'ASSET_ADD', 'COMMENT_ADD', 'ASSET_CHANGE', 'COMMENT_CHANGE', 'RATING_CHANGE', 'ASSET_ATTRIBUTE_ADD', 'ASSET_TAG_CHANGE', 'ASSET_STATUS_CHANGE', 'ASSET_ATTRIBUTE_REMOVE', 'RATING_ADD'] | TRUE |
| Data Protection Officer | A Data Protection Officer (DPO) is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). The DPO is responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements. | c0e00000-0000-0000-0000-000000005068 | ['DOMAIN_RESPONSIBILITY_ADD', 'ATTACHMENT_ADD', 'COMMENT_ADD', 'DOMAIN_RESPONSIBILITY_CHANGE', 'COMMENT_CHANGE', 'DOMAIN_RESPONSIBILITY_REMOVE', 'WORKFLOW_MANAGE'] | TRUE |
| Data Steward | A data steward is a role within an organization responsible for utilizing an organization's data governance processes to ensure fitness of data elements - both the content and metadata. Data stewards have a specialist role that incorporates processes, policies, guidelines and responsibilities for administering organizations' entire data in compliance with policy and/or regulatory obligations. A data steward may share some responsibilities with a data custodian. | c0e00000-0010-0010-0000-000000000000 | ['ASSET_ATTRIBUTE_CHANGE', 'ATTACHMENT_ADD', 'COMMENT_REMOVE', 'RATING_REMOVE', 'ASSET_TYPE_CHANGE', 'VIEW_SAMPLES', 'ATTACHMENT_CHANGE', 'ASSET_ADD', 'VALIDATION_EXECUTION', 'ATTACHMENT_REMOVE', 'COMMENT_ADD', 'ASSET_CHANGE', 'COMMENT_CHANGE', 'RATING_CHANGE', 'ACCESS_DATA', 'ASSET_ATTRIBUTE_ADD', 'ASSET_TAG_CHANGE', 'ASSET_REMOVE', 'ASSET_STATUS_CHANGE', 'ASSET_ATTRIBUTE_REMOVE', 'RATING_ADD', 'WORKFLOW_MANAGE'] | TRUE |
| Privacy Steward | A privacy steward is a role within an organization responsible for utilizing an organization’s data governance processes to ensure compliance. Privacy stewards have a specialist role that incorporates processes, policies, guidelines and responsibilities for determining with which policy and/or regulatory privacy obligations an organization should comply. | c0e00000-0010-0010-0000-000000000001 | ['ASSET_ATTRIBUTE_CHANGE', 'ATTACHMENT_ADD', 'COMMENT_REMOVE', 'RATING_REMOVE', 'ASSET_TYPE_CHANGE', 'VIEW_SAMPLES', 'ATTACHMENT_CHANGE', 'ASSET_ADD', 'VALIDATION_EXECUTION', 'ATTACHMENT_REMOVE', 'COMMENT_ADD', 'ASSET_CHANGE', 'COMMENT_CHANGE', 'RATING_CHANGE', 'ACCESS_DATA', 'ASSET_ATTRIBUTE_ADD', 'ASSET_TAG_CHANGE', 'ASSET_REMOVE', 'ASSET_STATUS_CHANGE', 'ASSET_ATTRIBUTE_REMOVE', 'RATING_ADD', 'WORKFLOW_MANAGE'] | TRUE |
Domain types
The following Data Privacy domain types are packaged.
| Domain | Description |
|---|---|
| Process Register | A collection of business processes. |
| Remediation Register | An inventory of remediation plans and actions to remediate risks within an organization. |
| Risk and Control Register |
A domain that contains assets of the following asset types:
|