Extract from IPRO’s article “Data Subject Access Requests (DSARs): Everything Corporate Legal Teams Need to Know”
Data is what makes the modern business world go around. But as the amount of data that organizations collect and process grows, so, too, do concerns about data security and how organizations respond to DSARs.
These concerns have led many jurisdictions to adopt data privacy rules and regulations. An astonishing 71% of countries worldwide have data privacy laws in place, and another 9% have drafted legislation. Meanwhile, five U.S. states have enacted data privacy laws and 35 states have at least contemplated data privacy legislation.
Under these statutes, protected individuals can make requests of businesses that hold their personal data. These communications are known as data subject access requests (DSARs). For corporate legal teams, responding to DSARs in a timely, sufficient manner can be a major challenge. According to Gartner, responding to a single DSAR can take two weeks or more, at an average cost of $1,400.
This post takes a deep dive into DSARs and DSAR responses. We’ll also share some of the challenges of responding to DSARs along with four best practices organizations can use to be more efficient in their DSAR responses. We’ll wrap up with a look at how modern technology can help corporate legal teams expedite their DSAR response process and minimize costs.