Data classification is an extremely important component of securing and organizing your organization’s data. Without proper classifications, it’s difficult to ensure that your data is 1. Secured and 2. Useful.
In the Spring ‘18 release Salesforce introduced a new object: Individual. This object was created to allow you to store customer’s privacy preferences. These records help ensure you are respecting your customers’ privacy. Along with the Individual object creation there has been an Authorization Form object that included Authorization Form Text, Authorization Form Consent, and Authorization Form Data Use. All of these objects are used to create a consent form for your customer to sign and then it is related to their Individual record.
Continuing on with privacy, Salesforce has created new metadata fields that allow you to classify data at the field level. These metadata fields were recently released in the Summer ‘19 release. What does this mean?
There are three new metadata fields available on custom and standard objects that provide a way to classify the data that is entered in a field by way of setting an owner, the sensitivity and if the field is in use.
These three metadata fields can be found when you edit a field. They are Data Owner, Field Usage, and Data Sensitivity Level. The Data Owner provides a way to set a user or a public group as the owner of the data that is placed into that field. This user or public group should understand the importance of the data placed in that field. The Field Usage indicates if the field is in use or not. The Data Sensitivity Level provides a way to indicate the sensitivity of the data in that field; as in public, internal, restricted, etc.
By setting these values on a field, you can track which field values are highly sensitive. You can set a point person to ask questions about the data entered in a field. Populating these fields will help you decide who should have the permission to view and report on the field data. When you are forced to think about things like data sensitivity, you are more apt to put more thought into setting up the permissions properly, protecting the company’s data.