The following diagram provides an overview of the process to be followed while generating DSAR reports using the Automated DSAR flow.
When a DSAR request comes into PK Protect, the system scans the Data Subject’s data. You can scan the Data Subject’s data using the Quick Scan Columns option under CONFIG > METADATA.
Quick Scan Columns:
With this option, the user performs a standard detection with a policy consisting of strong identifiers (as the diagram above depicts). When a DSAR request is processed, only those columns in the tables where strong identifiers are found will be searched.
The DSAR workflow diagram above summarizes the process that needs to be followed to generate a DSAR report using the Quick Scan Columns option. The following are the prerequisites to configure DSAR:
Add Data Groups
These prerequisite steps are covered in detail below. Based on the above diagram, the methodology is as follows:
Create Policy with Strong Identifiers: The initial step is to create a policy with the Strong Identifiers used for Data Subjects in the Data Group. The Strong Identifiers are added by including the corresponding Sensitive Types while creating a Policy.
Create Detection Task with the Policy: Once the policy has been defined, the next step is to create a detection task with this policy.
Execute Detection Task with Sync Results with Privacy option: The columns containing the Strong Identifiers will be detected when we execute the detection task. The results can be refined by tweaking confidence factor parameters, using the remediation workflow to eliminate common false-positive situations, and setting up the threshold for the confidence factor. These topics are covered in the Detection Task section of the PK Protect User Guide.
After the detection results for the target of interest have been generated, we will schedule and execute the “Sync Results with Privacy” task on the detection task instance that was just executed. This task copies the list of columns containing the strong identifiers to the database associated with the GDPR IDP.
This not only copies the sensitive columns but also creates a new system (consisting of the connection details) on the GDPR repository.
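A minimal model of the flow above, as an added example that is not PK Protect code: a detection pass records the columns where a strong identifier matches at or above a confidence threshold, and the DSAR lookup then queries only those columns. The SQLite schema, sample rows, regex patterns, the 0.8 threshold and all function names are constructed for illustration.

```python
import re
import sqlite3

# Strong-identifier patterns: constructed for this sketch, not PK Protect sensitive types.
STRONG_IDENTIFIERS = {
    "EMAIL": re.compile(r"[^@\s]+@[^@\s]+\.[a-z]{2,}", re.I),
    "SSN": re.compile(r"\d{3}-\d{2}-\d{4}"),
}

def build_sample_db():
    """In-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE customers (id INTEGER, contact TEXT, notes TEXT);
        CREATE TABLE payroll (emp_no INTEGER, tax_id TEXT, dept TEXT);
        INSERT INTO customers VALUES
            (1, 'ana@example.com', 'prefers phone'),
            (2, 'bo@example.com', 'none'),
            (3, 'cy@example.com', 'referred by bo@example.com');
        INSERT INTO payroll VALUES
            (10, '078-05-1120', 'ops'), (11, '219-09-9999', 'dev');
    """)
    return db

def detect_columns(db, threshold=0.8):
    """Detection pass: keep (table, column, type) when the share of values
    that fully match an identifier pattern meets the confidence threshold."""
    found = []
    names = db.execute("SELECT name FROM sqlite_master WHERE type='table' ORDER BY name")
    for table in [r[0] for r in names]:
        for col in [r[1] for r in db.execute(f'PRAGMA table_info("{table}")')]:
            values = [str(r[0]) for r in db.execute(f'SELECT "{col}" FROM "{table}"')]
            for id_type, rx in STRONG_IDENTIFIERS.items():
                hits = sum(1 for v in values if rx.fullmatch(v))
                if values and hits / len(values) >= threshold:
                    found.append((table, col, id_type))
    return found

def dsar_search(db, synced_columns, id_type, value):
    """DSAR pass: query only the synced columns of the requested identifier type."""
    report = []
    for table, col, col_type in synced_columns:
        if col_type == id_type:
            query = f'SELECT * FROM "{table}" WHERE "{col}" = ?'
            report.extend((table, col, row) for row in db.execute(query, (value,)))
    return report
```

In this model the free-text notes column falls below the threshold, so the mention of bo@example.com in customer row 3 is not returned by the DSAR search. That coverage trade-off is what to check when tuning the confidence threshold.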
Now, the system is ready to accept DSAR requests and process them efficiently. The above steps are the overall flow for executing DSARs. In the following sections, we will go into the one-time setup of the Privacy IDP, Data Source Group, Identifiers, and Rules, which are necessary to process DSARs.