Article

Introducing Automated Governance Reporting

We’re excited to announce the release of an essential new feature for our customers: Automated Governance Reports, or “AGR” for short.

AGR allows Immuta governors to generate instantaneous records of all activities taking place throughout their Immuta environment. Want to know every user with access to a certain data source? Build a report in simple, natural language that will immediately tell you the answers.

Want to know every purpose a data source has ever been used for, as mandated by the GDPR? You can easily build that report too, along with dozens of others. And every report is one-click exportable to CSV, so you can quickly and easily prove your compliance.

In the past, lawyers and compliance personnel needed to undertake lengthy review processes to understand who was accessing what data, when they accessed it, and more. This process was incredibly burdensome, frequently making it hard for data scientists to do their job – knowing they’d have to manually account for their activities across data silos.

Reporting requirements on data access and usage were one of many ways that antiquated compliance processes slowed down data science teams and hampered innovation. But with Immuta AGR, we’ve removed this friction point, making the process of proving compliance easy and seamless for our customers.

What Does AGR Do?

With Immuta, users can connect to an organization’s data through one unified access point, making life easier for data scientists and data owners, and providing one single source of truth for all data science activities. This means that Immuta’s able to capture and enforce policies against all activities against an organization’s data, which we’ve distilled and made easily digestible with AGR.

To build a report, Immuta governors can simply visit the Governance Console, click on the “Reports” tab and start building the report they want to see. Once they build their report, they can click on the “Export to CSV” button to view the report outside Immuta, and to share or store the file for recordkeeping.

Governors can build reports based on:

  • The purposes data has been used for across Immuta.
  • The activity of a specific user.
  • The activities of groups – both within Immuta’s own admin console and in external LDAP or Active Directory management systems.
  • Individual data sources.
  • Specific policies applied to data – for example, where differential privacy has been used to protect data.
  • And more!

AGR closely tracks the records of data processing required by the EU’s GDPR, other major data regulations, and our customers’ internal data policies and procedures. And that’s no accident. We’re monitoring the compliance needs of global data science programs, and we’ll continue to expand on this feature as new reporting requirements evolve.

Check out the example below to see AGR in action.

Reports, Live In Action!

To create an AGR, start in the Governance console by clicking on the “Reports” tab.     

Then select the entity you’d like to build the AGR around. For this example, we’re going to build a report that tells us every purpose the data source “Credit Card Transactions” has been used for. So we’ll start by selecting “data source.”

Then we’ll enter the specific data source “Credit Card Transactions.” You can select the name of the data source from the dropdown menu, or enter it in by typing the name in the blue text field.

Once we’ve entered in the entity information, we have six reports to choose from, each represented in a separate tile. From top left to bottom right, these reports include: the users and groups subscribed to the data source; the projects within Immuta that contain the data source; the purposes of those projects; the users who have ever accessed the data source; the purposes that data source has ever been user for; and all users who have ever subscribed to the data source.

We’ll click on the bottom left tile, which will tell us every purpose the data source has ever been used for. (Note that purposes in Immuta can be managed through the “Purposes” tab in the Governance console, and restrict how data sources can be used across Immuta.)

Here we see the data source “Credit Card Transactions” has been used for four different purposes – Credit Scoring, Financial inclusion, HR, Marketing and Privacy Enhancement Research – by two different users between January 1, 2018 and April 10, 2018.

Reports automatically generate entries for the last 30 days, but that can be adjusted by clicking on the date fields and changing either the start or the end date, as seen below.

If you’d like to switch the data source the Report is based on, you can change the name of the data source in the blue text field at the top of the page, either by selecting a new name in the dropdown or by typing in the text field.

Clicking the blue “Generate Report” button will create a new report with the updated data source name. For now, though, we’ll stick with “Credit Card Transactions.”

Once we’ve generated the specific AGR we need, we can click on the “Export to CSV” button at the top right side of the page to download the report. We’ll use the report we just ran, detailing every purpose the data source “Credit Card Transactions” was used for between January 1, 2018 and April 10, 2018, and open that report in Microsoft Excel.

Once downloaded, each AGR can be saved, stored and shared to prove compliance across your entire organization’s data science environment – making a once time consuming and manual process immediate, easy and intuitive.

For questions, custom demos or more information about AGR, please reach out to governance@immuta.com.