ISM’s blog discusses challenges associated with data subject access requests (DSARs) and the factors you will need to consider when responding to one.
The General Data Protection Regulation (GDPR) provides data subjects in the UK and EU with a right to access their personal data and, to exercise this right, can make a data subject access request (DSAR) of any controller that processes their data. However, while ‘I want to see my data’ might sound like a very simple request, the regulatory caveats around what data you must and must not provide and the timeframe in which you must provide it, mean they can be more complex than initially seems to be the case.
Read URM’s blog on our educational website, informationsecuritymanagement.com, in which we explain how you can recognise a DSAR, who is responsible for managing them, how to respond to one, and more.
In May 2018, the General Data Protection Regulation (EU) 2016/679 (GDPR) came into effect, setting a new standard of privacy that must be upheld by organisations processing individuals’ (data subjects’) personal data. The Regulation applies to any organisation processing the …
Introduced in 2018 by the EU (and adopted into UK legislation), the General Data Protection Regulation (GDPR) is a regulation which grants individuals in the EU and UK rights over how their data is processed by organisations. Any organisation that …