Privacy Ref Blog

Do It Your Self Rights Requests

On our last webinar (as of this writing) I discussed how a company can handle data subject’s rights requests under GDPR. Many of these requests are going to require attention, such as those ‘right to be forgotten’ requests. Others may seem daunting but can be handled easily and may not require any direct participation from your end.

Auto-Magically

On this past webinar, I discuss how Facebook handles access requests. If you take the time to go through your account settings, you can find a link to download your data. This provides you a zip file with all of the information related to your account and its previous activity. Essentially, Facebook has automated access requests.

Taking this into account, how else can you automate requests? If your userbase all have accounts, they can rectify any information related to them by having them edit their own profiles. This provides users with a quick and reliable method to correct information or alter it as it changes. Access, rectification, objection, restriction, and even portability requests can be handled in this way. Technically any request can, but I would hesitate from allowing data subjects to delete information at will for erasure requests.

There is more here as well. Many requests include notifying controllers with whom you have shared the information with previously of the request or changes. You could potentially update these individuals as well of these changes. By automating these requests, you save time you would otherwise use handling them. You save money and opportunity costs because your employees can work on other activities. By automating requests when possible, both your customers and executives will be happy.

Privacy Ref provides consulting and assessment services to build and improve organizational privacy programs. For more information call Privacy Ref at (888) 470-1528 or email us at info@privacyref.com

Posted on March 8, 2018 by Ben Siegel


« »

No Responses

Comments are closed.


« »

Subscribe to our mailing list

Please fill out the form below.

Required

Want to find out more?

Simply go to the contact page, fill out the form, and someone from Privacy Ref will be in touch with you. You can also send an email to info@privacyref.com or call (888) 470-1528.

News

April 16, 2018

IAPP Training Classes
Privacy Ref is proud to announce that we are an official training partner of the IAPP. You now have the opportunity to learn from one of our knowledgeable privacy professionals using the most respected training content in the industry. The robust interactive training offered, aids in the understanding of critical privacy concepts. The contents of the courses are integral to obtaining your privacy certifications and to educate your new team. Learn more here.

Latest Blog Posts

June 4, 2018

My First Taste of GDPR
It is no secret that I am, for lack of a better term, a nerd. I am also a Privacy Consultant here at Privacy Ref, so I usually pride myself on knowing about privacy goings on in the world. However, for the first time I was bamboozled by changes to a privacy policy. Continue reading this post...

April 30, 2018

Defining GDPR for Non-Privacy People
During the IAPP’s most recent Privacy Summit, I was approached with an interesting question. “I am a privacy professional and I know why GDPR is important. I know about the fines and requirements for compliance, but few others at my company do. How do I explain GDPR to my colleagues effectively?” I responded with a quick and simple answer that probably did not cover all the bases, so I wanted to write up some deeper thoughts on the subject. Continue reading this post...

Other Recent Posts

PRIVACY REF