Information objects in Privacy Management

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 1 minute to read

    • Using information objects you can automatically discover business processes, applications, and third parties processing personal information.

    The purpose of an information object is to logically describe the type of data that is exchanged between an application and a database. To determine which information objects process personal data, you can tag the information objects with the Personal information tag. For more details on how to tag an information object, see Tag an information object with personal information.

    After the information objects are created, they are mapped to business applications or business processes. This activity helps the privacy management teams to discover the information objects processing personal data. Some examples of [PI] Information objects in Privacy Management are:
    • Customer email addresses
    • Customer bank account numbers
    • Employee educational details
    • Employee personal email address

    Creation of information objects

    While you can manually create information objects, you can also use the BigID Data Exchange application to automatically identify personal information that is stored in your database and create information objects. You can download the BigID Data Exchange application from the ServiceNow Store.