How To Run Automated Privacy Reports In Ethyca

Ethyca Simplifies Privacy Management Reporting

Effective, well-executed reporting helps you:
1. Maintain a consistent audit trail for data privacy compliance;
2. Improve your user’s experience by providing you with actionable insights;
3. Create a more efficient data infrastructure by drawing attention to redundant data.

Ethyca’s automated reporting functions let your team get quick, actionable insights into the shape your data flows and the character of your customers’ privacy requests. 

Ethyca allows you to seamlessly run reports on all of your data privacy activities. Below, we’ll take a look at a report you can automatically generate on the personal information that is referenced in your company’s data flow map. We’ll also look at a report on all of the data subject requests received by users for a given period.

Reporting on Your Data Flow Map

In Ethyca, you can run reports to view all the information relating to your organization’s data flow map. This lets you carry out audits of the personal data that you’re currently processing or provide a paper trail for privacy law compliance.

To get started, log into your Ethyca Control Panel. From the Ethyca Control Panel homepage you should navigate to the “Datamaps” section.

From here, click “Download Report” below the visual of your company’s Data Flow Map.

Once the report is downloaded, open the file to view its contents. The report will contain a snapshot of the flow of personal data across your data infrastructure.

This is a rich source of evidence of data privacy law compliance should you ever need to provide it. It is also an excellent way to assess the necessity of any personally identifiable information that your organization is processing at any time. 

Below is a list of key elements from the report that contain excellent insights into the personal data that your company is processing.

INFORMATION TYPE DESCRIPTION
Timestamp The time and date at which the report was generated. This is important to reference because your data map is not static and will change over time.
Source Service A reference to the system of software where the data was captured or where it originated.
Source Type The type of system or software where the data came from. Typically in-house or third party service.
Source Activity The type of data processing that is being carried out on the data at the source.
Destination Source The system or software that the data is transferred to, from the source.
Destination Type The type of system or software where the data is transferred to. Typically in-house or third party service.
Destination Activity What happens to the data when it is transferred to its destination.
Data Class The type of data that is being processed e.g. phone number, email, name, IP address etc.
Processing Activity The activity that the data is being used for e.g. testing, fraud monitoring, email marketing etc.
Involved Datastore The exact system or software where the data that is being processed is stored.
Subject Types Involved The individual whose data is being processed e.g. customer, employee etc.
Internal User Types with Access The individuals or teams who have access to the data that is being processed e.g. sales manager, all employees, marketing team etc.

 

Reporting on Your Data Subject Requests

Ethyca also allows you to run reports on all of the data subject requests that your organization has received so that you have a record for compliance. This report is also useful for understanding the most common data subject requests that your users are making, so that you can more proactively deal with such requests in future.

To access your Data Subject Request report you should navigate to the “Reports” section of the Ethyca Control Panel.

From here, you have the option of running reports on your Data Subject Requests, running reports on the consent that has been granted by your users, or running reports on the usage of your privacy centre. For now we’ll focus on a report on Data Subject Requests. 

You can access this report under the “DSR” tab by clicking the “Download” option beside the Date Range that you wish to view the report for. 

Once you click download, a new tab will open containing a report on your Data Subject Requests. 

The report will contain important information about all Data Subject Requests received during the selected date range. This will include a summary of the type and amount of requests received for that period. It will also detail how many requests of a given type are at each stage of processing at the time the report was generated. Lastly, it highlights areas that may require added focus if a large number of users are making the same type of data subject request each month. 

You can also view the details on individual subject request reviews. This includes whether the review was accepted or rejected, the date it was carried out, who carried it out, and any additional clarifying commentary they made while processing the request. This is crucial information for the purposes of auditing your data privacy management practices. It also uncovers opportunities for improving the way your company responds to data subject requests or how it manages personal data in the first place.

Reporting on your company’s data privacy management practices is a fundamental process that should be both reliable and easy to execute. If you have any questions about data privacy management reporting or about using Ethyca’s data privacy platform, please feel free to reach out and we’d be happy to help!