I’ve seen a few suppliers make classic errors dealing with breaches in their client’s data. Here are the top three errors suppliers make and 5 suggestions to avoid them!
Supporting Customer to Respond to a Data Subject Access Request
Category: DSAR Management / Accountability
Customer: Public sector body
We supported a client who received multiple Data Subject Access Requests at the same time creating a challenge to collate all the relevant data, redact it and release the information within the required timeframe. We provided practical guidance on structuring the information collected in order to effectively manage it through the review and release process including the use of redaction tools. We developed a review and redaction process to ensure the right level of information was released and the correct redaction procedures applied. We also reviewed all the released content giving the client confidence that they had met all their obligations in responding to the requests.
Join Our Newsletter
Sign-up to receive news and information from Fort Privacy
Fort Privacy processes your personal data in order to respond to your query and provide you with information about our products and services. Please see our Data Protection Statement for further information
The General Data Protection Regulation is “risk” based legislation. This means that the protective measures an organisation implements should correspond to the level of risk associated with their data processing activities. It’s worth noting that the risk that should be considered here, is the risk to the data subject as opposed to risk to the business of non-compliance.
Data Protection Programmes are all the rage these days. It’s great to see the compliance conversation moving in this direction. As a Data Protection Officer (DPO), I know the difference between working with a solid data protection programme and working with none and all.