Who We Are
more less
What We Do
more less
Our Work Insights Careers Newsroom Contact Us

‘The world is witnessing an explosion of data’. ‘Data is the new oil’. ‘Data privacy is critical’. You’ve probably heard these sentences used a lot, especially since the pandemic changed the way organisations operate. Let’s put this into perspective. In 2020, or when the pandemic began, the amount of data in the world was estimated to be 44 zettabytes. By 2025, the amount of data the world generates each day is expected to reach 463 exabytes globally — that is 40 times more bytes than the stars in the observable universe.

With this context, it isn’t unfounded to say data is everywhere — in databases of both customer and employee information, on network drives, laptops, employee smartphones and other pieces of hardware, cloud-based data lakes, file-sharing programs, emails, text messages, communication platforms, and spreadsheets. This list can go on and on as organisations scale up, transform digitally and adopt emerging technologies.

With such massive amounts of data, managing it in a secure, legally compliant and thoughtful way is a daunting challenge, but it’s also important. With governments across the world implementing data privacy it becomes even more difficult, but no less important. In India, specifically, the government is in the process of drafting a revised data protection law and is expected to roll out soon. With this in mind, organisations need to be prepared. The first step is knowing your data to lay the foundation for effectively using and protecting it. In a fragmented landscape where data resides in siloes, the answer is to build and maintain a data inventory — one that informs everything from digital transformation initiatives to privacy and regulatory compliance. If you don’t know where your data is, you don’t know where it’s being sent to, how it is being used and you won’t be able to comply with regulations.

How do organisations build a defensible data inventory?

When it comes to personally identifiable information (PII) stored in your data inventory, there are several questions business leaders need to consider to identify whether your organisation is compliant with regulations.

  • Is it easy to identify data based on any parameter, including regulatory statutes?
  • Can my organisations update, maintain and ensure data is accurate?
  • Is the inventory of data indexed to be identified by record type, regulatory standard, and other variables?
  • Does this inventory contain all of the organisation’s data?
  • Does it include data collected by third parties on behalf of your organisation?
  • Can your organisations identify these data subjects and how they interact with your organisation?
  • Can you identify where the data is stored?
  • Do you know the specific business purpose for which the data is collected, especially PII?
  • Can you identify the methods of data collection?

While these questions may seem simple, most businesses cannot answer “yes” to these as data is scattered across different departments, employee devices and siloed spreadsheets. With the sheer amounts of data being generated, most organisations aren’t able to collate, index and analyse this data efficiently. And doing it manually would be a Herculean task.

Creating a data inventory often requires a special project manager and a team to gather information from various departments and ensure the data hygiene process is maintained. But creating a data inventory for a large organisation is almost impossible without technology.

The role of technology in creating intelligent data inventory

Data mapping or inventory software can help automate many of the processes involved in maintaining a defensible and compliant inventory of data. Organisations need software that profiles data to identify where it’s being managed, and retain it based on how it was collected. Technology that automatically connects data to the applicable privacy and security regulatory requirements can resolve many of the challenges organisations face in managing the sheer amounts of data generated. Such platforms also provide interactive, configurable visualisations, allowing businesses to view the data in different ways.

Rather than gathering institutional knowledge, such tools find all the sensitive and personal data within the organisation. It can be as simple as pointing it at the data sources, automatically detecting its contents, pulling information from structured or unstructured sources, on premise, in the cloud, or hybrid platforms. Automated tools can index data, allowing the inventory owner to filter data to set requirements.

If businesses want to ensure they are compliant with data privacy regulations, all efforts need to surround compliance and this begins with data mapping, which can be built for long-term use. Since regulations are constantly evolving, organisations require a scalable strategy. Investing in technology will provide flexibility to accommodate changing laws, while also ensuring the data inventory is modern and actionable.

Data privacy is a critical space, especially at a time when countries across the world are enacting legislations for privacy compliance. It’s only right that people know about the good work being done by companies that offer data privacy solutions. At Star Squared PR, we provide specialised PR services to a web of tech clients that offer myriad services. We’re well-versed in the tone, content and specific standards for the technology and allied. We pride ourselves in helping clients educate the right people of their solutions. We’re especially keen to help brands set up their technology PR strategy from scratch. Reach out to us to know more.