Reports on data processing activities are crucial for compliance. Describing processing activities – like what policies are applied to what data sources – is often not sufficient to demonstrate compliance internally or to external regulators. Immuta makes monitoring data use scalable and easy through automated, customized reports and data audit trails. All reports can be downloaded and exported to CSV to share with legal and compliance stakeholders whenever needed.
How do you create reports on all data activities?
Data teams or governance personnel, referred to as “Governors” within Immuta, can create a wide range of reports that capture all activity against exposed data sources by acting as a single point of access for all users.
Governors can create reports based on eight parameters – listed below – which allow data engineers and architects to demonstrate many aspects of data activity and provide a rich variety of reports.
- User/Group Reports: If you need to demonstrate is that the data is being processed by a limited number of data users, or that each group has effectively performed its tasks (such as administrators, auditors or governors), you can create a report based on user. Immuta allows you to run reports based on the activities of individual users or of a group, depending on your needs.
- Project Reports: To show that a specific project has been conducted according to specifications, you can create a report based on the number of members, specified purposes and/or data sources associated with the project.
- Data Source Reports: If you need to demonstrate that a specific data source has been used according to specifications, you can run a report based on the number of subscribers, the number of specified purposes, the number of projects including the data source, an overview of the users who have accessed the data source and/or an overview of all subscribers (past and present) to the data source.
- Purpose Reports: To show that the purpose restrictions set for specific processing activities have been enforced, you can generate a report based on the number of members to the project with the intended purpose, the number of purposes per project, the number of data sources accessed for the purpose, the number of data sources for projects with the purpose and/or the number of projects with the purpose.
- Policy Reports: If you need to demonstrate that specific policies have been applied on data within all data sources, you can create a policy report. This is particularly useful in proving compliance with data protection principles such as purpose limitation, storage limitation, data minimization and confidentiality. The policy techniques included in this type of report might include row restriction by user attributes, masking, differential privacy, time restriction, minimization, purpose restriction and more.
- Connect Reports: Immuta allows “virtual” access to the data, meaning the raw data is never moved or copied, and multiple data sources can be created from the same table or underlying data. To view all data sources created by an underlying table or query, you just need to specify the connection details used to access the raw data.
- Tag Reports: To demonstrate how and when specific types of data have been processed, you can generate a report based on tags. This is particularly useful for assessing what has happened to sensitive or confidential data, for instance, “all data marked as an ID number“.
- Global Policy Reports: The final type of report relates to the implementation of organization-wide policies applied across all data sources, which Immuta supports with a single, natural language global policy builder. In this case, you can create a report based on a global policy to identify the data sources impacted by the global policies set by governance personal.
Simply putting data security measures like access controls in place is not enough to prove compliance, especially as more stringent regulation enforcement becomes increasingly common. With Immuta, you can generate various types of reports to provide legal and compliance teams with robust documentation of data activity, and in doing so provide peace of mind to all data stakeholders.
To see how Immuta’s monitoring, auditing and reporting capabilities work for your data, start your free trial today.