OneTrust’s data subject access rights (DSAR) tool has helped organisations handle more than 10,000 requests within two weeks of the GDPR go-live date of 25 May.
Its DSAR tool gives an organisation a ‘scalable and secure’ way to handle individual rights requests from customers, employees, partners and other data subjects under the GDPR. Recent updates to the tool gives organisations more options to customise and automate workflows, offers built-in translations to 100+ languages and enhances reporting and metric capabilities according to the company.
Under the accountability principle, GDPR also requires that organisations be able to demonstrate compliance with their obligations. As a result, organisations may need to produce records that data subject access requests have been handled appropriately.
DSAR portal helps companies automate data subject requests. Data subjects can submit their request through a branded web form embedded in an organisation’s privacy policy. The requests are then added to a queue for privacy and IT teams to complete via automatic, customisable and pre-configured processes.
If the company needs to communicate with or get additional information from the data subject, they can utilise secure, encrypted messages right form the OneTrust platform.
“Expanded rights for data subjects are a positive step forward in GDPR, however, can be a manual and complicated obligation for organisations to handle appropriately,” said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). “That’s why we built the OneTrust DSAR portal to automate and record the full lifecycle of data subject requests. Privacy and IT teams are now equipped with a highly scalable tool to automate processing those requests.”
OneTrust helps organisations automate DSAR requests in five steps: request intake, assignment workflows, find the data, communicate responses and metrics and reporting.
“Like all of our products, our DSAR solution is designed based on deep privacy research and a firm understanding of the requirements under GDPR and is deeply integrated with our data mapping, PIA/DPIA and other privacy management modules,” Barday added.
Earlier this year OneTrust and the International Association of Privacy Professionals (IAPP) have launched an updated Consent and Data Subject Rights Platform.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst
