Question 25
Domain 3 — Privacy Architecture and Data Protection by DesignAn organization want to develop an application programming interface (API) to seamlessly exchange personal data with an application hosted by a third-party service provider. What should be the FIRST step when developing an application link?
Correct answer: C
Explanation
Data mapping is the first step because an API link must define how each data element in one application corresponds to the other. This identifies the fields, formats, and transformations needed to “seamlessly exchange personal data” before any integration or coding begins.
Why each option is right or wrong
A. Data tagging
Data tagging labels or classifies data, but it does not define field-to-field correspondence.
B. Data normalization
Data normalization standardizes format or structure after relationships between fields are identified.
C. Data mapping
Before any interface can be built, the organization must identify which data elements in its application correspond to the third party’s fields and how each value will be transformed; that is the data-mapping phase. In API integration practice, this is the prerequisite to defining the payload structure, field names, data types, and validation rules, because without a field-by-field mapping there is no reliable way to exchange personal data between systems.
D. Data hashing
Data hashing protects values or supports matching, but it is not the starting integration design step.