The General Data Protection Regulation (GDPR) is a law on data protection and privacy in the European Union. More recently, California passed its own privacy law, the California Consumer Privacy Act (CCPA). The CCPA gives consumers rights over how organizations collect, sell, or share their personal information. For brevity, the rest of the article refers only to GDPR provisions.
Many of the requirements describe policies and procedures. However, those policies shape the engineering and architecture of the IT systems that process personal data. This article describes how Tokern DbAudit helps with the following provisions:
Article 32 states: "Taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of the processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller, and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk,..." The following features of DbAudit ensure the security of processing:
Article 25 states: "In particular, such measures shall ensure that by default personal data are not made accessible without the individual's intervention to an indefinite number of natural persons." By default, teams have no access to production databases, either directly or through DbAudit. Teams receive access only after a logged requisition workflow. Moreover, users can be assigned roles that grant access to a subset of the tables and columns (where the underlying database supports it).
Articles 33 and 34 state: "The communication to the data subject referred to in paragraph 1 shall not be required if any of the following conditions are met: the controller has implemented appropriate technical and organizational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorized to access it, such as encryption."
DbAudit logs the actions taken across all components, such as logins, authorization events, and queries, and integrates with all popular SIEM applications. Feeding DbAudit's logs into a SIEM makes it simple to add intrusion detection and notifications on top of them.
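The two mechanisms described above, default-deny role-based access to a subset of columns (Article 25) and audit events consumed by a SIEM-style detection rule (Articles 33 and 34), can be illustrated together. The following is an added example written for this article; it is not DbAudit's own code and does not reflect DbAudit's log format. The role policy, the data classification, the user-to-role assignments, and the audit event fields are all constructed for the example.

```python
import json
from collections import defaultdict

# Hypothetical role policy: role -> table -> set of readable columns.
# Anything not listed here is denied (default deny).
ROLE_GRANTS = {
    "analyst": {"orders": {"order_id", "amount", "created_at"}},
    "support": {"customers": {"customer_id", "email"},
                "orders": {"order_id", "amount"}},
}

# Hypothetical data classification: which columns hold personal data.
PII_COLUMNS = {"customers": {"email", "phone", "ssn"}}

# Constructed role assignments, as if granted by a requisition workflow.
USER_ROLES = {"alice": {"analyst"}, "bob": {"support"}, "mallory": set()}


def granted_columns(user, table):
    """Union of the columns every role of `user` may read on `table`."""
    cols = set()
    for role in USER_ROLES.get(user, set()):
        cols |= ROLE_GRANTS.get(role, {}).get(table, set())
    return cols


def authorize(user, table, columns):
    """Default-deny check: allow only if every requested column is granted.
    Returns (allowed, set of requested columns that were not granted)."""
    missing = set(columns) - granted_columns(user, table)
    return (not missing, missing)


def audit_event(user, table, columns, allowed, missing):
    """One JSON-serialisable audit record of the kind a SIEM would ingest.
    The field names are constructed for this example."""
    return {
        "event": "query",
        "user": user,
        "table": table,
        "columns": sorted(columns),
        "allowed": allowed,
        "denied_columns": sorted(missing),
        "touches_pii": bool(set(columns) & PII_COLUMNS.get(table, set())),
    }


def detect_pii_denials(events, threshold=3):
    """SIEM-style rule: alert on users with at least `threshold` denied
    queries that targeted personal-data columns."""
    denied = defaultdict(int)
    for ev in events:
        if ev["event"] == "query" and not ev["allowed"] and ev["touches_pii"]:
            denied[ev["user"]] += 1
    return [{"user": u, "denied_pii_queries": n}
            for u, n in sorted(denied.items()) if n >= threshold]


def run_demo():
    """Constructed query stream; returns (audit events, alerts)."""
    requests = [
        ("alice", "orders", {"amount", "created_at"}),  # allowed by analyst role
        ("bob", "customers", {"email"}),                # allowed, column in support role
        ("bob", "customers", {"ssn"}),                  # denied: one PII denial, below threshold
        ("mallory", "customers", {"ssn"}),              # no roles: denied three times -> alert
        ("mallory", "customers", {"email", "phone"}),
        ("mallory", "customers", {"ssn"}),
    ]
    events = []
    for user, table, cols in requests:
        allowed, missing = authorize(user, table, cols)
        events.append(audit_event(user, table, cols, allowed, missing))
    return events, detect_pii_denials(events)


if __name__ == "__main__":
    evs, alerts = run_demo()
    for ev in evs:
        print(json.dumps(ev))
    print("alerts:", alerts)
```

The point of the pairing is that the access check and the detection rule consume the same record: every decision, allowed or denied, is written out, so the SIEM rule can count repeated denied attempts against personal-data columns without any extra instrumentation. The threshold of three is arbitrary and would be tuned to the environment.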
If your company requires these capabilities, check out the project on the Tokern DbAudit GitHub page and connect with us via our Slack community!