File Mapper

File Mapper

Collaboration Framework — Project Management Skills & Expertise

A data map is an internal assessment performed by the company’s Subject Matter Experts (SME’s) in each department about the data that it has collected, why it’s being collected, the location where the data is stored, the format of the data, and with whom it has been shared (internally and externally with third-parties).

Although you will not find these words in the California privacy laws, a data inventory and/or data map is considered one of the first steps in preparing for compliance with the CCPA. If an organization is not aware of all of its data collection, processing, storage, and sharing, it will be difficult to accurately comply with the CCPA “data subject” request requirements.

Chorus Consulting experts are experienced in assisting organizations create a data map for each of their departments, listing the types of information saved within specialized applications, shared servers, desktop and laptop computers, email, shared document repositories, and hard-copy documents.

About Us

File-Mapper.Com is a data mapping service provided by Chorus Consulting LLC. To facilitate the data mapping project, Chorus provides information governance expertise, project management experience, and the hosted File-Mapper.Com database application to facilitate collaboration between department subject matter experts.

Leadership Team

United States
Kirke Snyder JD, MSLA
CIGP certified and located in Denver, Colorado
Telephone: 303-819-9946

Aaron Snyder CIPP/E
Certified and located in Berlin, Germany
Telephone: +49 15771951243

Frequently Asked Questions

Depending upon the number of business units and departments of an organization, a data mapping project initial costs are between $5,000-$10,000 with an annual fee to maintain the application of $2,200. 

A typical data mapping project involves the following activities: 

  • Interviews and Application Setup 

The Chorus project manager will interview the organization’s business unit leaders and customize the web hosted application with the names of the organization’s users, business units, departments, primary and secondary record categories, applications, the business purpose of saved information, etc. 

  • Training Department Subject Matter Experts (SME’s)

The Chorus project manager will train each department SME how to select the record categories that relate to their department and to answer a series of questions related to each record category/sub-category. 

  • Reporting

The Chorus project manager will assist the organization to search, sort and export information sub-sets via a .csv or spreadsheet file format to facilitate identification of personal or sensitive information, to support a legal hold obligation, to provide the foundation for defensible deletion of unnecessary information, or other information governance requirements. 

A data inventory is a searchable index of information stored throughout the enterprise (think full text Google search capability). Many organizations utilize this type of an application to search for and collect potentially relevant documents related to a legal hold. 

While being able to perform a full text or metadata search is extremely helpful, the search results can be overwhelming without additional folder or file-level tags to further narrow a search (e.g., a tag related to the appropriate record category or a tag indicating the file contains personal or sensitive data, or a tag indicating when a file can be deleted based upon the retention schedule). The data map is the bridge to a data inventory application to incorporate custom searchable tags that will enhance the data value of many data inventory applications on the market today. 

This capability is important to support defensible deletion of unnecessary information. It’s also a time and resource saver when an organization is required to notify individuals that their data has been breached, or to facilitate the legal requirement (GDPR & CCPA) to respond to a Data Subject Access Request, or to identify specific files containing personal or sensitive data stored throughout the organization, or to copy and preserve specific files containing potentially relevant information related to a specific litigation.

Data Map Applications

Data Mapping to Support Litigation e-Discovery 

Data mapping is an important tool when preparing for and responding to eDiscovery. In fact, data mapping is (sort of) required by the Federal Rules of Civil Procedure (FRCP). Rule 26(a)(1)(A)(ii) requires parties to create a description by category and location of all documents and electronically stored information the party has and may use to support its claims or defenses. Without the data data map, responding to a litigation Discovery Request can be an expensive “fire drill” for the organization’s litigation support manager or paralegal team members. And the data map also serves as the starting point for the early case assessment (ECA) process.

Data Mapping For Records Management Housekeeping

The Chorus Consulting data mapping project begins with the organization’s Business Unit Leaders identifying one or more subject matter experts (or record coordinators) to represent their department. The foundation for the data map is the organization’s list of primary and secondary record categories. From this list, the department subject matter expert is asked to select the categories of data/documents that their department creates or maintains. For each category selected, the subject matter expert is presented with a list of mandatory questions (e.g., the source, format, business use, storage location or application for each category selected). The application includes three key questions for records management housekeeping: 1) How long are you currently saving this category of information – Less than 2 years, 2-10 years, or more than 10 years; 2) Are documents in this category sent to offsite storage- yes or no; and 3) In what format(s) are documents saved – electronic, hardcopy or both.

Data Mapping For Data Privacy Compliance

A data map also helps organizations better understand the applications and shared drive folders that contain personal or sensitive data. Although, Europe’s GDPR and California’s CCPA laws and regulations do not explicitly mention a requirement for a data map, it is widely recognized that Article 30 in the GDPR does require an organization to create a data inventory (map) and keep it current. The up-to-date data map will greatly help the organization respond to a data subject access request for information or deletion of information within the mandated period of time (e.g., organizations must respond to a GDPR “data subject access request” within 1 month).

Data Mapping For Data Security Compliance

You can’t protect data that you don’t know exists, or with whom it is shared. The data mapping exercise is the most efficient means to learn about the nature and business use of your stored information from application owners and users. Department subject matter experts will document the source of their data, where it is being saved, the business necessity for the data, as well as with whom the data is shared, inside and outside of the organization.