New Research Shows Majority Of Companies Lack Visibility into the Personal Data They Hold

Transcend, the privacy platform that makes it easy to encode privacy across a company’s tech stack, announced at this year’s RSA Conference in San Francisco the release of new research into corporate stewardship of the personal data they process and store. Based on a survey of technical leaders across different industries, the findings from Transcend’s 2022 State of Data Visibility Report paint a stark picture of how companies are performing when it comes to knowing how and why they use customer, user, and employee data, and where it is stored.

Many of today’s manual data inventory exercises fall short because the act of documenting the data is abstracted from where the data actually lives. Companies are far too reliant on individual system owners to surface up processing information, or make best guess inferences.”

Marketing Technology News:  Screena Releases the 1ST Movie Set in the Sandbox, Announces Its Plan to Build a Metaverse…

Transcend’s research found that:

  • Two-thirds of survey respondents say their company still doesn’t have an accurate picture of the personal data they hold; the result of system sprawl, reliance on manual processes, and insufficient resources. This is against a backdrop of increased privacy regulations and technical requirements from industry leaders like Apple.
  • Compounding this visibility challenge, 57% of those surveyed say new systems containing user data are added weekly, in some cases daily, within their companies, but only 22% have implemented automated data discovery and inventory approaches, exposing compliance and data security gaps.
  • Over 50% of companies will need more than a year, multiple internal teams, and an external vendor to discover all data systems and create a unified data map.

“Many of today’s manual data inventory exercises fall short because the act of documenting the data is abstracted from where the data actually lives. Companies are far too reliant on individual system owners to surface up processing information, or make best guess inferences.” said Wiebe.

“As long as there’s daylight between the privacy organizations that are charged with complying with regulations, and the data plane where personal information is actually processed, privacy compliance, data security, and honoring data rights will always be unscalable.”

Marketing Technology News: MarTech Interview with Chris Knowlton, Chief Evangelist at Panopto

Transcend’s research also found that when asked what was blocking their data inventory projects, 62% of respondents cited lack of support from leadership, while 31% cited insufficient budget.

A complete data inventory is foundational to fulfilling many privacy law requirements: completing data subject requests (DSR) for data access, rectification, and deletion, identifying risky data processing activities, and creating and maintaining records of processing activities (ROPA)—a requirement of GDPR Article 30. In spite of this, Transcend’s research found that 68% of companies still rely on manual lists or ad hoc cross-functional communication to identify which systems should be included in their data subject request (DSR) workflows.

The full 2022 State of Data Visibility Report can be found at: https://go.transcend.io/data-visibility-report-2022. Transcend is also an exhibitor at this year’s RSA Conference in San Francisco, and can be found at booth 4614 in the Moscone North Exhibit Hall.