Data ownership and classification are usually initiatives companies think about much after implementing many other layers of controls like firewalls, patching, or antivirus. But because of legislation like Health Insurance Portability and Accountability Act (HIPAA) and the US Family Education Rights and Privacy Act (FERPA) companies are required to know what data they possess and assure they are securing it. Most organizations retain large quantities of data and some even call it “big data” but many do not have the certainty of what type of data it is, what are the data elements, where it is stored, when it should be destroyed, and how to protect it. This article will explore those elements and highlight the importance of data ownership and classification.
