2018 ushered in the General Data Protection Regulation (GDPR), bringing a heightened focus onto data captured and stored by businesses. If you didn’t have a recently reviewed Privacy Policy in place then you were probably one of the companies in May 2018 who were rushing to get people signed up before the deadline of May 25th 2018.

Elizabeth Denham, Information Commissioner, explains how our digital footprint is defined in every area of our lives. GDPR sets the responsibilities of organisations to manage data securely.

Data is King!

Businesses store more data today than ever and consumers are handing over their personal data in good faith that it will be stored and managed in a fair way.

GDPR has made it easier for consumers to obtain copies of the data stored about them and how it is being used. This provides transparency for them but could provide some additional challenges for organisations.

Right of Access

Individuals have the right to obtain the following from you:

  • confirmation that you are processing their personal data;
  • a copy of their personal data; and
  • other supplementary information – this largely corresponds to the information that you should provide in a privacy notice
    Information Commissioner’s Office

A request can be received via various methods, including Social Media.

Are your staff trained to identify a request?

What would you do if you received a request?

Do you know how long you have to respond to a request?