Skip to main content

Privacera Documentation

Prerequisites and planning

Before you begin to define data domains, shared datasets, projects, or roles, prepare the following:

High-level planning for Governed Data Stewardship

The general planning for Governed Data Stewardship is as follows:

  1. Define easily-remembered names of the data domains to be created by the account administrator, including a useful description of the data domain.

  2. For database applications, decide the depth of the resource to add to the data domain: the entire database, the tables, or the columns and rows, as described in Application with data resources.

  3. Decide if the data owners should have optional data stewards to manage the data domain.

  4. Identify data owners, optional data stewards, and optional project leaders to be given access to these data domains.

  5. Assign appropriate Privacera system roles to the data owners, optional data stewards, and optional project leaders, as described in Map of Governed Data Stewardship roles to Privacera system roles.

  6. Decide:

    • Which users, user groups, or roles to share the datasets with.

    • Which users, groups, or roles should have read/write permission to the data domain

    • Which users should have only read permission.

  7. Optionally define and describe the projects that each data owner controls.

  8. Decide if you want to create projects from a data domain, a shared dataset, or both.

  9. Decide if you want to assign project leaders to the projects.

  10. Determine which data domains, users, user groups, or roles should be assigned to which projects.

Flexible data governance roles to meet your needs

Governed Data Stewardship's defined roles might not exactly match the names of your organization's hierarchy of work functions for data governance. For instance, you might have a different term for "data owner" or "data steward" or "data user".

For simplicity, Governed Data Stewardship abstracts various work functions into generalized roles. Governed Data Stewardship gives you the flexibility to associate these roles with your own job functions.

You decide how you want to map your organization's exact definition of functional roles to Governed Data Stewardship’s general terms.

For example, you might have many different organization roles for the people who actually work with your data. You might have data analysts, ETL programmers, or data scientists. Governed Data Stewardship relies on the term data user to cover these functions.

Examine these predefined roles in Governed Data Stewardship and map their capabilities to your own organizational titles. You can then assign these various roles to the appropriate users.

Map of Governed Data Stewardship roles to Privacera system roles

Each role for Privacera Governed Data Stewardship is a data access user that must be given a certain PrivaceraCloud system role, as shown in the table below.

For details on creating data access users and assigning roles, see Users, groups, and roles.

GDS Role

Privacera Role

Description

account administrator

ROLE_ACCOUNT_ADMIN

The default account administrator is the person who first signed up for PrivaceraCloud. Other account administrators can be created.

data owner and steward

ROLE_POLICY_ADMIN

Data owners and data stewards are portal users created manually or loaded from an external IdP and given this Privacera role.

data governor

ROLE_DISCOVERY_GOVERNANCE

A data governor is a portal user created manually or loaded from an external IdP and given this Privacera role.

project leader

ROLE_POLICY_ADMIN

A project leader is a portal user created manually or loaded from an external IdP and given this Privacera role.

data user

ROLE_USER

A data user is a portal user created manually or loaded from an external IdP and given this Privacera role, which is the default.