Tacking the Daily Challenge of Responding to DSRs

Introduction

While the law around responding to Data Subject Requests (“DSRs”) has remained relatively static under the UK Data Protection Act 2018 (“DPA’18”), additional guidance has been issued by the Information Commissioner’s Office ICO and clarity has been added in the form of the UK Data Use and Access Act (“DUAA”) and court decisions.

The real challenge for organisations in processing DSRs lies in turning around increasing volumes of DSRs, not inadvertently committing a data protection breach, whilst responding with adequate detail to satisfy the needs of the data subject.

This virtual classroom seminar will cover how to establish the internal structures that are necessary within any organisation handling medium to high volumes of DSRs (more than a dozen) every year, that they will need to establish in order to produce the necessary detail of responses to data subjects while preventing the build-up of large backlogs that can lead to statutory deadlines being missed.

What You Will Learn

This live and interactive session will cover the following:

• Recognition of a DSR on receipt to prevent inefficiencies
• Identification, verification and possible automation
• Mapping internal data stores
• Developing a standard templated response form
• Handling large-scale ‘bulk’ document reviews
• Identifying and applying exemptions
• Secure document redaction
• Quality checking
• Staff awareness and training
• Can technology help? Questions to ask tech suppliers
• Internal governance and controls
• Is it possible to charge for a DSR response?
• The DUAA - how to assist Data Subjects in making a complaint

Recording of live sessions: Soon after the Learn Live session has taken place you will be able to go back and access the recording - should you wish to revisit the material discussed.