The EU’s General Data Protection Regulation (GDPR) has brought numerous rights to the data subject in regard to the management of their personal data. How to ensure confidentiality and data protection when handling subject access requests?
The regulation has given the data subjects the right to check what personal data concerning them are handled by different data controllers. The subject access requests are currently on the job list of many companies and organizations operating in the European Union.
Data protection when processing personal data
Companies and organizations must always process personal data in compliance with the data protection principles specified in data protection legislation. For example, the data protection principles state that personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject. In addition, the data must be processed confidentially and securely.
It is the duty of the company to choose the systems that support the processing of personal data according to the obligations imposed by the legislation.
Data must be delivered securely to data subject
A data subject may at any time be in contact with the company. If the data subject wants to be able to see the personal data collected about him/her, the information must be provided to the data subject without jeopardizing data protection.
How are subject access requests handled in your company?
- Is there a straightforward channel for the data subject to send subject access requests?
- Is the channel safe enough for a confidential contact?
- How is the data subject identified?
- Who can see and handle the request?
- Where is the information about the requests being collected?
- How is the requested personal data delivered to the data subject safely?
- Is data protection taken into account?
Learn how one of our customers has solved the communication related to subject access requests securely.
If you wish for more information, please contact us! Call +358 9 6850 320 or email firstname.lastname@example.org. You can also fill the contact form below and we will contact you.