Data Privacy comes with an example operational organization structure, composed of communities, subcommunities, and domains. This structure is designed to meet your needs, whether you need to comply with one or several data privacy regulations.
The Data privacy building blocks community contains:
- Top-level domains that are applicable to all data privacy regulations.
- Subcommunities and domains that are applicable to specific data privacy regulations.
Top-level domains
The following table shows the domains in the Data privacy building blocks community.
| Domain |
Contents |
|---|---|
| Countries and states | Jurisdiction assets, for example, United States and Belgium. |
| Data categories | Data Category assets, for example, Payroll Information, Location Data, and Contact Information. |
| Data subject categories | Data Subject Category assets, for example, Applicants, Children, and Visitors. |
| Processing categories | Processing Category assets, for example, Archiving, Retrieval, and Storage. |
Asset change management community
This community contains the following domains, which are applicable to all regulations with which you must comply.
| Domain |
Contents |
|---|---|
|
Cron codes |
Cron-related Code assets for use with Time-based Review Rule assets. |
|
Assets used to trigger the review of related assets, based on changes to specified attributes or relations of related assets. |
|
|
Frequencies |
Business Term assets that describe various time frequencies, for example, every year, on the 15th of April. These assets are related to Code Value assets that represent cron values matching Business Term descriptions, for example, "0 0 0 15 APR". |
|
Review Request classifications |
Issue Category assets that describe the three types of review requests: time-based, event-based, and manual review requests. |
|
Assets used to trigger the review of other assets after an elapsed amount of time. |
CCPA building blocks community
This community contains the following CCPA-specific domains.
| Domain |
Contents |
|---|---|
|
CCPA articles |
Assets that represent articles of CCPA. |
|
CCPA glossary |
CCPA-related Business Term assets. |
|
CCPA purposes |
Purpose assets to which Business Process assets can refer. |
|
CCPA-specific data categories |
Data Domain assets, as specified by CCPA. |
|
CCPA-specific data subject categories |
Data Subject Category assets, as specified by CCPA. |
|
Legal bases under CCPA |
Legal Basis assets, as referred to for processing personal data. |
| PIA evaluation rules inventory | Threshold Assessment Rule assets, which represent the individual questions used in the PIA workflow. |
| Sample remediation actions and plans for CCPA | Sample Remediation Action and Remediation Plan assets. |
GDPR building blocks community
This community contains the following GDPR-specific domains.
| Domain |
Contents |
|---|---|
| DPIA evaluation rules inventory | Threshold Assessment Rule assets, which represent the individual questions used in the DPIA workflow. |
|
Data protection authorities |
Party assets of Party Role Type Supervisory Authority. |
|
GDPR Glossary |
GDPR-related Business Term assets. |
|
GDPR articles |
Assets that represent articles of GDPR. |
|
GDPR purposes |
Purpose assets to which Business Process assets can refer. |
|
GDPR-specific data categories |
Data Category assets, as specified by GDPR. |
|
GDPR-specific data subject categories |
Data Subject Category assets, as specified by GDPR. |
|
Legal bases under GDPR |
Legal Basis assets, as referred to for processing personal data. |
|
Sample remediation actions and plans for GDPR |
Sample Remediation Action and Remediation Plan assets. |
Sample content community
This community contains the following domains, which are applicable to all regulations with which must comply.
Note The sample content is not installed during the product installation procedure. There is a separate CMA file for the sample content for each regulation.
Warning The sample resources are strictly illustrative. They should not be edited. Editing the attributes of the sample resources might result in an error during any subsequent attempt to run the sample content installation file.
| Domain |
Contents |
|---|---|
|
Sample HR processes |
Sample Business Process assets for Human Resources-related processes. |
|
Sample IT processes |
Sample Business Process assets for IT-related processes. |
|
Sample application inventory |
Sample Application assets. |
|
Sample assessment register |
Sample assessment assets, for example, PIA assets and Legitimate Interest Assessments assets. |
|
Sample corporate data policies |
Sample Policy assets. |
|
Sample data dictionary - MDM application |
|
|
Sample data dictionary - Workday application |
|
|
Sample data dictionary - Workforce application |
|
|
Sample data sets |
Samples of Data Set assets that can be edited and related to your Business Process assets. |
| Sample Data Sharing Agreements |
The formal contracts that document which data is shared between Controllers and Processors and how the data can be used. |
|
Sample end-user computing inventory |
|
|
Sample internal parties (legal entities) |
Internal Processors and Controllers of any personal data. |
|
Sample lines of business |
Sample Line of Business assets (also known as business areas) in a hierarchical way. |
|
Sample marketing processes |
Sample Business Process assets for marketing-related processes. |
|
Sample personal data glossary |
Sample Business Term assets, for example, marital status and customer address. |
| Sample remediation actions and plans | Sample Remediation Action assets and Remediation Plan assets. |
|
Sample risk and controls register |
Sample Risk assets and Control assets. |
|
Sample safeguard register |
Sample Safeguard assets. |
|
Sample third-party privacy profiles |
Sample Party assets. |