UnixTime

Research Note

Approved Sensitive Data Flow Register

Use this register to document approved sensitive data transfers, channels, protections, and authorization requirements.

On this page

When to use this

Use this register to document approved sensitive data transfers, channels, protections, and authorization requirements.

Register

Data type Source Destination Approved channel Required protection Authorization required Evidence
TBD TBD TBD Portal/SFTP/API/encrypted email/backup shipment Encryption/logging/DLP TBD Approval/log

Minimum checks

  • Source and destination are defined.
  • Approved channel is defined.
  • Protection matches sensitivity.
  • Authorization process is defined.
  • Flow is reviewed when business or risk changes.