What is Data owner controller?
Data owner controller Definition: An entity that collects or creates PII.
Understanding Data owner controller
An entity that collects or creates PII. The data owner or controller has ultimate responsibility and authority for data, including determining its purpose, how it is processed, its classification, and access policies. This role is accountable for ensuring data protection and compliance with relevant regulations. Data owner responsibilities are defined in frameworks like GDPR, ISO 27001, and COBIT. Organizations implement the data owner role through formal designation, governance structures, policy development, and oversight mechanisms. For example, a Chief Marketing Officer might be designated as the data owner for customer information, responsible for setting access policies, determining retention periods, and ensuring compliance with privacy regulations. Related terms: Data custodian, Data processor, Data steward, Data governance, Information ownership, Accountability, Privacy officer.