In Ethyca, a Data Lifecycle Phase (DLP) is a value or set of values assigned to a particular data use case in the Ethyca application. The phases associated with a use case influence how Ethyca displays the use case on your data map.
To understand Data Lifecycle Phase, it’s useful to take a step back and think of the way data flows through your business. There’s a moment when a piece of data first enters your business ecosystem, moments when it is transformed or processed in some way, and other moments where it’s simply at rest.
Each of these phases in the data journey carry a different set of considerations for privacy management, impact, and risk for your business. In Ethyca, a Data Lifecycle Phase (DLP) is a value or set of values assigned to a particular data use case in the Ethyca application. The phases associated with a use case influence how Ethyca displays the use case on your data map.
You’ll see the four lifecycle phases displayed across the top of your data map in Ethyca’s control panel. Now we’ll explore them in more detail.
Lifecycle Phase | Description |
Collection | The point of data entry into your company’s software ecosystem. For example, for a Customer Service use case, customers may enter their name and email address to create an account when landing on your site; it’s initially stored in Auth0 before being sent to Zendesk. Even though Zendesk is used primarily for the customer service, Collection is still a part of this Customer Service use case as the customer information entry is required. |
Transformation | Any point where a field of information is transformed. This means it may be restructured or stored in a different format for a destination system, for example, data from your CRM being sent to a data lake through an ETL process. |
Processing | Any activity where fields of information are acted upon to achieve something. This may be user behavior analysis or sending e-commerce orders, each of these constitute a process. |
Retention | Any point where a field of information is stored for future use. This includes identifying destination storage systems, or a tax, order, or healthcare systems where information must be retained for minimum 7 years. |
In Ethyca, lifecycle phases don’t strongly influence how we manage data for a given use case. For instance, a data subject request from one of your users will be surface data in a use case no matter the lifecycle phases it touches.
But lifecycle phases do matter for your business, and so it’s useful to have them visualized as part of your data map. As an example, any use cases associated with Retention should be paired by a Data Retention and Destruction policy. Beyond simple compliance, Ethyca’s lifecycle phases helps key business stakeholders understand the data that needs special process attention.
At Ethyca, we believe that software engineers are becoming major privacy stakeholders, but do they feel the same way? To answer this question, we went out and asked 337 software engineers what they think about the state of contemporary privacy… and how they would improve it.
The UK’s new Data Reform Bill is set to ease data privacy compliance burdens on businesses to enable convenience and spark innovation in the country. We explain why convenience should not be the end result of a country’s privacy legislation.
Our team at Ethyca attended the PEPR 2022 Conference in Santa Monica live and virtually between June 23rd and 24th. We compiled three main takeaways after listening to so many great presentations about the current state of privacy engineering, and how the field will change in the future.
For privacy engineers to build privacy directly into the codebase, they need agreed-upon definitions for translating policy into code. Ethyca CEO Cillian unveils an open source system to standardize definitions for personal data living in the tech stack.
Masking data is an essential part of modern privacy engineering. We highlight a handful of masking strategies made possible with the Fides open-source platform, and we explain the difference between key terms: pseudonymization and anonymization.
The American Data Privacy and Protection Act is gaining attention as one of the most promising federal privacy bills in recent history. We highlight some of the key provisions with an emphasis on their relationship to privacy engineering.
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Book a Demo