A data controller is a person or organization that determines the use of personal information. The role of the data controller can be shared by many people or organizations.

Rights and responsibilities of data controllers include:

  • establishing a lawful data process and observing the rights of Data subject s (including collecting data subject Consent s and requests)
  • issuing instructions on data processing (including appointing employees to serve as point of contact) for the Data processor – the data processor should handle data exclusively in the manner prescribed by the controller.

Read more about data controller on the Piwik PRO blog and in the resources section:


  • PHI and PII

    PHI and PII: How they impact HIPAA compliance and your marketing strategy

    Personally identifiable information (PII) and protected health information (PHI) may seem similar. However, there are critical distinctions between the two. While PII is a catch-all term for any information that can be associated with an individual, PHI applies specifically to HIPAA-covered entities dealing with identifiable patient information. Keeping HIPAA compliant and protecting patient information requires…

  • How can healthcare organizations benefit from using a customer data platform (CDP)

    Like many industries, healthcare has been undergoing significant change and is under immense pressure. Patients expect personalized healthcare experiences, but are increasingly aware of their privacy rights and demand that their data is safe and not misused. Healthcare providers have been seeking ways to connect, scale, and leverage customer data more effectively to meet consumers’…