People’s right to request a copy of their personal data from both private and public sector organizations, has been an increasing part of privacy and data protection law since the 1980s. Individual awareness of these rights has grown in recent years, largely driven by the General Data Protection Regulation (GDPR), including data subject access requests (DSARs) and access rights.
This has led to many organizations receiving requests for the first time or witnessing a significant rise in the number of DSARs. While organizations have created workflows and portals to facilitate those requests, there are underlying foundational issues of data retention policies and practices that few organizations have addressed.
Download this handbook to learn:
- What the risks posed by inadequate data retention policies and procedures are
- How a data inventory serves as the foundation for operational data retention
- How the principles of data retention support effective DSAR response processes