Data Inventory and Data Classification
An organization should inventory all PI it collects, stores, uses, or discloses (customer and employee), then classify it by sensitivity to set access clearance and protection levels. A documented inventory can reduce penalties if a problem later occurs, and is legally required for entities under the GLBA Safeguards Rule.
An organization should inventory the PI it collects, stores, uses, or discloses - both customer and employee records - documenting location, flow, and how/when/with whom data is shared, plus the transfer means used. A documented inventory identifies reputational and compliance risks; current enforcement practice indicates penalties are likely less severe where a company has an established recording system. This inventory is legally required for some institutions, such as those covered by the GLBA Safeguards Rule.
After inventory comes classification by sensitivity, which sets access clearance and baseline protection. More sensitive data may be segregated through access controls or kept in an entirely separate system. Holding all data in one system risks giving temporary or lower-level employees access to sensitive data and increases the consequences of a single breach. Classification also supports compliance with U.S. sector-specific laws, efficient legal discovery, and cost-effective storage.
Separating highly sensitive data limits who can reach it and reduces the blast radius of a single breach. Co-mingling everything in one system invites over-broad access and bigger incidents.