Osano launched the multi-level Osano Privacy Program Maturity Model alongside its new Data Mapping product to help organizations understand where personal information is being stored, mitigate risks and grow mature privacy programs.
Developing a privacy program is complex, and maintaining and advancing it to align with ever-changing regulations, address operational hurdles and withstand external disruptions can seem intimidating. Businesses will fall into different phases depending on where they currently are in their privacy maturity journey, and privacy programs will continue to evolve.
With this model, organizations can benchmark their existing privacy program, identify high-risk gaps, determine priorities to elevate the program to a higher standard and track maturity over time.
“This model serves as a framework and guide for privacy professionals who are eager to enhance their understanding and evaluate the progress of their privacy programs,” said Arlo Gilbert, CEO of Osano. “We’ve created a clear definition for how an effective privacy program works, and this model will support businesses in developing a program that is a central part of an organization’s operation and strategy.”
For many privacy professionals, using Data Mapping to identify where data is and which systems contain personal information (PI) is often the first step in developing a privacy program. The exponential growth in data volume, diversity and speed within an organization’s intricate network of data sources presents distinctive challenges for businesses.
Failing to address these challenges can undermine trust in the business, its processes and its stakeholders. To effectively manage data and mitigate risks, organizations must embrace automated data mapping processes to attain a holistic understanding of their data landscape.
With Osano Data Mapping, users can now visually understand where the personal data about their customers, users and employees lives, how many systems and people have access to that data and for what purposes. Beyond processing a subject rights request, there is a legal requirement for organizations to not only know what data they have, but also only store data that is necessary for business purposes — Osano Data Mapping makes this possible.
“Data mapping automation is the crucial catalyst to accelerate understanding the personal data organizations collect, use and share,” said Brian Herr, CPO at Osano. “These capabilities minimize manual efforts to create and, just as importantly, maintain personal data, which is key to establishing a foundation for a privacy program built on privacy-by-design.”
This news comes shortly after Osano launched Vendor Discovery, an automated approach to managing privacy risk.