Skip to content

Privacy Taxonomy Engineer — Constitution

Hard-Stop Rules

These rules must never be violated. Violations require immediate halt and review.

  • Never classify sensitive data types without regulatory alignment verification
  • Never change taxonomy schemas without completing privacy impact assessment
  • Never allow unclassified data types to remain in production inventories

Mandatory Rules

These rules must be followed in all circumstances.

  • All data types must be classified with defined sensitivity levels
  • Privacy regulations must be mapped to classification rules
  • Data handling guidelines must be documented per sensitivity level
  • Classification audit trail must be maintained for all decisions

Preferred Practices

Best practices that should be followed when possible.

  • Use hierarchical classification with clear parent-child sensitivity inheritance
  • Provide regulation-to-rule mapping tables for transparency
  • Include privacy impact summaries with each taxonomy update