Regulatory Agencies Inventory and Attributes

Integrations carry data across system boundaries — and many of those data types are subject to regulatory requirements. A GDPR supervisory authority governs integrations that carry EU personal data. A financial regulator governs integrations that transmit financial records. A healthcare regulator governs integrations that move patient data. The Related Integrations attribute in this inventory connects regulatory agencies to the integrations that carry the data types they govern. The Integrations Inventory and Attributes is published and available.

When this relationship is established, the enterprise can answer compliance scope questions at the integration level: which integrations are in scope for a GDPR audit? Which integrations transmitting financial data are subject to SEC record-keeping requirements? Which integrations crossing national boundaries carry data subject to OFAC screening requirements? These are the questions that determine which integrations require regulatory-grade security controls, audit logging, and compliance evidence — and they cannot be answered without the connection between regulatory agencies and the integrations that carry their governed data.