Gartner Report: Recommendations for Data Privacy Process Automation
By 2023, modern privacy regulations will cover 65% of the world’s personal data, up from 10% today. Moreover, self-service portals for preference and consent management will be far more prevalent than they are today.
Gartner’s latest Market Guide, Market Guide for Subject Rights Request Automation, takes a direct look at the heart of modern privacy regulations: The Data Subject Access Request (DSAR). These requests allow individuals the right to know what personal data an organization is holding, and offers individuals greater control over remediating that data. The report covers the current landscape and provides an overview of the market of solutions, recommendations to security and risk management leaders, and breaks down every stage of the request process.
Among Gartner’s key findings from this report are:
- The cost of manual processing of a single subject rights request (which Gartner refers to as SRRs) is more than $1,400. A majority of organizations aren’t able to respond to a request for more than two weeks.
- An efficient process for handling SRRs means a lot for user experience, but many organizations aren’t moving toward automated services.
- Fines from regulatory violations associated with SRRs have been increasing, which means that companies aren’t doing a good enough job of satisfying the legal requirements through their manual processes.
Management of most SRR processes has begun to take center stage in recent years with laws like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) launching to world-wide effect. This means that more than 1 billion people have seen their privacy rights expand exponentially—a number that accounts for nearly one-third of the global economy.