Subject Access Requests - Recent Developments & Guidance
The issue of subject access requests is a highly controversial one which is the cause of more than 45% of complaints to the ICO each year.
Valued by data subjects as an easy way to access their personal data, they can often pose considerable challenges for controllers in terms of time, expense, and complexity.
This new webinar summarises the key content of the ICO’s recently updated guidance note as well as recent decisions of the courts in this area, before setting out a series of steps that controllers need to take to ensure compliance.
What You Will Learn
This webinar will cover the following:
- Summary of the ICO’s guidance:
- What information needs to be provided?
- Meaning of ‘manifestly unfounded’ or ‘excessive’
- Timing requirements - when is a request time consuming or complex?
- Fees - in what circumstances can a fee be charged and for what?
- Clarification - can this be requested and how does this affect the time period?
- Third party rights - how should third party data be dealt with?
- Exemptions - what are they and how should they be applied?
- Lessons from recent case law:
- Unstructured filing systems - how will the courts determine this issue?
- Application of the legal professional privilege exemption
- Motivation of the request - to what extent is this relevant?
- Documents or data - what is the data subject entitled to receive?
This webinar was recorded on 23rd March 2021
at your organisation