Data-driven Privacy Impact Assessment

Privacy Impact Assessments (PIA) have become an established method for helping organizations assess and communicate their privacy risk. PIAs help companies codify how they collect, process and dispose of personal Information in critical business areas. A specific version of them will be required for the Data Protection Authorities that will police the new EU General Data Protection Regulation which takes effect in May 2018. But PIAs as executed today have a severe limitation, they have no data linkage to the supposed data that underpins their justification.

PIAs use as input data flow maps that identify the movement of personal data from ingestion through disposition. Identifying where the data is stored and processed today is inferred from aggregated interviews of IT and business stakeholders.

Data Inventory

Accurately find an individual’s data across the enterprise.

Risk Identification

Flag and remediate potential data or access risk.

Automated Data Mapping

Build data-driven data flow diagrams without imprecise interviews.


Add business context to data processes and enable managed IT input.

Live Data

Build data maps with live, drillable data connections.