1 / 6

DiSARm a Data Subject Access Request (DSAR) in 4 Steps

The scope of a DSAR can be wide-ranging and is often used by either a disgruntled current or former employee, embarking on a contentious litigation process with their current or ex-employer.<br><br>

ldmglobal1
Télécharger la présentation

DiSARm a Data Subject Access Request (DSAR) in 4 Steps

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DiSARm a Data Subject Access Request (DSAR) in 4 Steps

  2. Since the introduction of the GDPR on May 25th , 2018, LDM Global has seen a considerable spike in the number of Data Subject Access Requests (DSARs) faced by our clients on a monthly basis. The scope of a DSAR can be wide-ranging and is often used by either a disgruntled current or former employee, embarking on a contentious litigation process with their current or ex-employer.

  3. If an employer collects, holds and uses personal data belonging to an existing or past employee and the employer falls under the scope of the GDPR, then a response furnishing all personal data in scope must be issued from to the employee within 30 days. The traditional method which is usually deployed by a number of organizations entails exporting data to a web-based review platform and commencing a manual review of all documents. Reviewers would then identify personally identifiable information (PII) within a document while also manually redacting third party PII and/or commercially sensitive information that may lie within the same document.

  4. While this traditional methodology may still be suitable in some cases, with the evolution of Artificial Intelligence (AI), the aforementioned process has become mostly obsolete for larger, and more complex DSAR responses. The following steps are designed to assist organizations with formulating a response plan which will enable them to ‘DiSARm’ the threat posed by a DSAR and respond expeditiously.

  5. Information Governance: When an organization is faced with either a regulatory investigation, discovery or DSAR, they risk being on the back foot and are faced with a situation that is then reactive. However, by taking a more proactive approach with managing their data, organizations will be better placed to respond efficiently to any such data request. Undertaking data mapping exercises, implementing data retention policies and digitizing an entire workspace are all effective ways for an organization to ensure that their ‘digital house’ is in order.

More Related