Could You Handle a DSAR Right Now?

DSAR – What is it?

At present, a Data Subject Access Request (DSAR) is a demand from an individual to an organisation to produce a copy of all the Data that the organisation holds on them. The individual must make a written request and pay a fee.  The individual must then be informed about any personal data being processed, a description of the personal data and the reasons it is being processed, whether it will be given to any other party, and given a copy of the Data.

In most cases you must respond to a subject access request promptly and in any event within 40 calendar days of receiving it.

Busy responding to DSAR

Why is it important now?

GDPR is about to change the status quo on DSAR significantly.

  • The DSAR must be answered within 30 days.
  • The small fee for requesting your information will be removed, meaning it is free.
  • GDPR also highlights Data Portability, meaning individuals have a right to request their Data to move to a new Data Processor
  • There will be no restriction on applying for a DSAR.
  • The implementation of GDPR is bringing massive media attention, DSARs will increase.

So….Are You Ready?

According to our recent GDPR Data survey, just over 50% of respondents had an active Data Management plan in place for GDPR. This is before we go down a level to the types of Data that will be in scope for an access request – bear in mind that an individual will be entitled to recieve a copy of ALL of their information.

So, potentially you have paper records, recorded phone transcripts, all CRM/ERP structured database type Data to trawl through and then you come up against Unstructured Data , the email and file Data that accrues from doing daily business online.

  • Have you got the right toolset for Unstructured Data to capture all the individual’s details to answer the request?
  • Do you have a comprehensive understanding of the complexity of the request?
  • Can you query your existing systems and see the Data in scope?
  • Can you extract the information easily?
  • Can you get it organised and compiled in the correct format in time?
  • What happens if you get multiple requests at the same time?
  • Do you have the correct Data policies set for retention?

ComplyKEY

ComplyKEY from Waterford Technologies is designed to address DSAR requests at the Unstructured Data level, giving you the power to see your email and file Data, take action and rapidly respond to these sorts of requests in a timely and compliant manner.

Talk to our Data Management consultants today and learn how you can save time, money and resources with ComplyKEY for GDPR and other compliance regulations.