Basic 01: classification
Data classification is essential in the enterprise not only to comply with and implement legal regulations, but also to know where the data is.
What is data classification?
A data classification is a sorting of data into previously defined classes. Thus, data is divided into classes and can be assigned rules per class. The goal is to get a grip on the vast amount of structured and unstructured data.
Data classification is a well-known topic in many companies. Unfortunately, corresponding data classes only exist on paper, but are not used productively. Furthermore, it is not easy to implement these data classes technically and to get the employees to classify the data.
Possible classification
There are some different options to classify data in a company. It´s a challenge to find the right system to classify.
- Protection level concept of German data privacy authority
- Retention level concept
- Insurance social data and not
- structure and non structure data
- internal and external data
- data classify for every single department
typical data classification
Class | description | Examples |
Private | This class define private data of Employees. This includes for example data and communication with the working council. | private communication with the wife, working council, company health system |
Public | This class define public data. | websites, newsletter, news paper |
Internal | This class define company internal data. | baseline company data |
Confidential | This class define secure internal data. | personal data, contracts |
High Confidential | This class define high secure internal data. | IP, special contracts, art. 8/9 GDPR Data |