OpenText has published a webinar which I moderated for them recently on Data Subject Access Requests (DSARs).
The speakers were Catrina Smith and David Wilkins of Norton Rose Fulbright. Catrina Smith is a partner in the employment department at Norton Rose Fulbright who, it quickly appeared, has a comprehensive and practical approach to dealing with and advising clients on dealing with Data Subject Access Requests. David Wilkins is Legal Technology Project Manager at Norton Rose Fulbright, advising NRF lawyers and clients on how technology can be used to address the challenges of handling personal data disputes, investigations, and information governance projects.
In the run-up to the General Data Protection Regulation in May 2018, many organisations worried only about how to avoid fines and how to look good to the regulator. Less energy went into addressing the question “What data do we have?” and still less on “How will we actually react to something arising from the GDPR?”
Data Subject Access Requests were not new with the GDPR, and many organisations overlooked the GDPR’s more onerous implications of an individual’s right to know what information organisations held about them.
In the webinar, Catrina Smith described the scope of DSARs, and explained why organisations had to care about them and how they could manage their responses effectively. She emphasised the role of technology (Norton Rose Fulbright use OpenText Axcelerate) and the role of David Wilkins and his team in enabling NFR clients to meet their DSAR obligations. David Wilkins talked through the iterative processes by which he and his team supported the lawyers and their clients, and how they managed the data and the interaction with the requesting party.
The webinar was brisk and practical. You can find it and its supporting materials here.