Allowing the "Source of Data" field on the Breach section to be populated after incident is created

The sources may not be fully known when the incident is created and our organization is not utilizing the Breach questions during incident creation, but instead incorporating it into our current CyberIncident process. The workaround would be inefficient, especially while working a potential Breach and PII loss.

  • Guest
  • Jul 31 2018
  • Not under consideration
  • Attach files
  • Admin
    Brenden Glynn commented
    1 Aug, 2018 08:38am

    The reason why this field is not editable by a general user is that it is impactful of the Privacy process. The intent was to allow the Values to be pre-defined according to a process/approved values determined by the Legal/Privacy/Compliance Team.

     

    Since this field does not actually impact the display/assessment using the Regulatory(Privacy) Tasks, you can do the following.

     

    Create a New Multi-select or Single Select Field of "Source of Data" (its ok to have a non-unique Field name), or give it another Field Name.

    Place that Field in your CyberIncident Process (Layout/Task), and also place it on the Breach Tab (possibly replacing the existing non-editable "Source of Data Field)