Semantic Arts worked with PwC to improve Verizon’s data privacy capabilities.
Prior to the engagement, as applications evolved many of the process steps required to stay in compliance with privacy regulations and policies were performed manually using multiple data sources. Our goal was to provide a knowledge graph as a single source of privacy metadata (information about data classified as private).
Early in the engagement, we identified the key components of the data privacy landscape, summarized in this diagram:
The data set loaded into the knowledge graph identifies which applications and third parties are involved in each kind of privacy data processing: data collection, analysis, modification, transfer, storage, etc.
We modeled most of the privacy concerns implied by the diagram, including:
• legal rights of a data subject
• agreements with third parties
• details of data processing relevant to privacy concerns
• data lineage
• data retention
• data catalogs
• impact assessments
• privacy-related processes and tasks
We also created an extensive taxonomy that allowed key distinctions to be made while the core model remained simple and straight-forward. Finally, we created generic configurable queries to perform a range of data validations.
The result is a consolidated view of data from multiple sources that allows greatly improved management of application compliance with privacy data policies and regulations.