Challenge
Many privacy regulations include a subject’s “data classification”, which systems it resides in, for what purpose, and if that data is being shared with a 3rd party vendor. It is important for organizations to understand how Glossaries can be classified as simply “Personal” versus “Sensitive” based on the policies attached to those Glossaries and to know how to filter a custom Policy X Glossary Relationship Type (i.e., either a Glossary is PII or Sensitive) using API calls.
Axon has the capability to classify data into Protected Personal Data, Sensitive Personal Data, and into various other categories such as Internal or Public. This Best Practice will assist in establishing a process that will guide day-to-day usage, classification, and management of Policies to govern data.
Description
Policy-X-Glossary Relationship Setup
Create Custom Relationship Type
This best practice primarily focuses on understanding “how-to” pull all the Glossary items that are governed by a sensitive category of data policy versus personal data policy. It can be used as an example for other policies such as Purpose of Collecting Data, Purpose for Sharing Data, Lawful Basis, Records Retention, Security Measures, etc.
Begin by logging into the Axon Data Governance Home page:
For an easier search, it’s best to use a custom relationship type when joining the Policy to the Glossary. For example, in the case of Personal Data Policy use the custom relationship of “Is Category of Personal Data”. For the Sensitive Personal Data, use the custom relationship type of “Is Category of Sensitive Data”.
Note: A user must have Super Admin access to add custom choices to dropdown lists.
On the top right corner of the screen, choose the dropdown next to the user name. Follow the steps as shown in the screenshot below to navigate to the options of relationships between various Axon facets.
- Select Admin Panel from the dropdown under user name
- Select Dropdown Configurations in the left panel
Find the Policy X Glossary Relationship Type and select it:
After choosing the right relationship type (in this case, a “Policy X Glossary Relationship Type”), add the two custom relationship types of “Is Category of Personal Data” and “Is Category of Sensitive Data” to the list as shown below.
Associate Policy with Glossary
In the Unison search, navigate to the Policy facet and look for the keyword “sensitive” and select “Sensitive / Special Category Data” from the list of various policies in the dropdown list.
Click on the listed policy in the Policy facet, and a detailed page about that Policy information will open as shown below:
Navigate to the Impact tab and click on Edit. There will be multiple sub-tabs -- navigate to the Glossary sub-tab and choose one of the relationship types.
In this case, we are selecting “Is Category of Sensitive Data” as the relationship type and associating it with “Political Party Affiliation”.
For the Glossary item, select a Glossary Domain or Subdomain or Term that holds business sensitive information, but it is not someone’s Personal information. In this case we are selecting Glossary for “Political Party Affiliation” on the sub-domain level. Click on Save and Close.
Note: Policies can be applied at term level too for a full Data Governance Implementation, but require exponentially more effort to create and maintain at that level of detail.
Informatica recommends choosing policies at the Domain or sub-domain levels when implementing an initial pilot for a Data Governance Solution.
Repeat the above steps for a Policy that is applicable for Personal data. For that, choose “Personal Data” policy and associate it with a Glossary containing “Member” information using the “Is Category of Personal Data” relationship type.
Use Unison Search
Explore Unison Search
To explore the on-boarded facets in Axon Data Governance, click either on the Explore with Unison option on the Home screen, or the Search option next to Maps on the top of the Home screen.
Note: There is another search option which looks like a search icon on the top right of the Home screen, but unlike Unison search that is a regular search and will result only in pulling the exact object searched for instead of brining any linked facets to that Object.
A screen like the one shown below will open after performing Unison search, showing all of the Facets present in Axon Data Governance.
Sensitive Personal Data Policy
To search for Glossary items that are Business Sensitive but are not part of the Personal Data Category, navigate to the Facet named “Policy” and search with the Keyword “sensitive”.
As shown, there are multiple policies for that keyword. Use the one initially created under Axon for the Business sensitive information.
In this case, we will choose Sensitive / Special Category Data.
As soon as the policy is selected, brief information about that Policy will display (e.g., name, description, etc.). Click on the name to view detailed information about that policy. However, for this use case, stay on the below window:
Notice that the numbers in the various facets have been changed too (e.g., Org unit, or System or Datasets or Glossaries will show some values like 6 of 128).
What does this imply? It simply means as soon as the above policy was searched for, the Unison search filtered all the metadata associated with the policy and narrowed down the number of Objects to only display the Objects that are associated with that Policy.
Associated Glossary
To access the linked Glossary Objects to that Policy, navigate to the Glossary facet. A list of associated glossaries will appear as shown below:
To get detailed information on each of these glossaries, click on the respective glossary and a new page will open with the detailed information about the Stakeholders, associated datasets, etc.
Personal Data Policy
To search for Glossary items that contain personal data (e.g., Person names, addresses, etc.) navigate to the Policy facet and search with the Keyword “personal”.
In this case, we will choose “Personal Data”.
As soon the policy is selected brief information about that Policy is displayed (e.g., name, description, etc.). Click on the name to view detailed information about that policy. But for this use case, stay on the below window:
Associated Glossary
To access the linked Glossary Objects to that Policy, navigate to the Glossary facet. A list of associated glossaries will appear as shown below:
Building API calls for retrieving Data from Axon
Download the Postman App.
There are two steps to extracting the information:
- Get Token
- Get the Glossaries associated with the process
Get Token
Use the URL http://, in the postman app. The Post request should give a token in the response body.
Get the Glossaries associated with the Policy
Use the below URL to search for any object and the objects related to it.
<axon_url>/unison/v2/facet/_search
Provide the token in the header, and use the json text below to search for sensitive data –
{
"mainFacet": "GLOSSARY",
"searchGroups": [
{
"operator": "START",
"searches": [
{
"operator": "START",
"facetId": "POLICY",
"filterGroups":[
{
"operator": "START",
"filters": [
{
"operator": "START",
"type": "VALUE",
"properties":
{
"field": "id",
"value": "Sensitive / Special Category Data"
}
}
]
}
]
}
]
}
],
"searchScopes":{
"mainFacet":{
"facetId":"GLOSSARY",
"fields":[
"id",
"name"
]
}
}
}
The response will be a list of glossaries associated with the sensitive Business data policy.
Similarly, to get a list of personal data related glossaries, just replace the highlighted part in the above json text with Personal Data.