Subjects Rights Requests – How will you manage them?
The EU General Data Protection Regulation (GDPR) came into effect on the 25th of May 2018. All EU citizens have new rights to their data because of this.
EU citizens have the right to; be informed, access, rectification, erasure, restrict processing, data portability and to object.
UtopiaR is a turnkey solution suitable for all businesses. All the different types of subject rights requests can be logged into the tool and managed through a clear and visible process. It means no request is lost and that they’re fulfilled on time.
To make the process even easier, it’s possible to embed our rights request form on your own website. It only takes a few minutes. It means that your customers and clients will have a simple route to logging these requests efficiently with you.
Article 25 of the EU General Data Protection Regulation (GDPR) requires that “data protection by design and default” is delivered in the processing of personal data.
The approach is not new and is best evidenced by the completion of a Data Protection Impact Assessment, which under Article 35 of GDPR.
The conducting of effective Data Protection Impact Assessments (also known as Privacy Impact Assessments) are at the heart of “Privacy by Design and Default”. This activity has a number of distinct roles, all which are addressed by UtopiaR:
Understand and implement effect privacy controls into all data processing activities.
Identify and escalate data protection and privacy issues that may be identified during the course of an assessment.
Reduce the exposure, associated costs and legislative penalties from data protection and privacy risks that otherwise may not have been discovered.
Produce a comprehensive Data Protection Impact Assessments, this can be provided to the Supervisory Authority upon request.
Provide an option for sharing transparency of how personal data is being processed with data subjects, to build confidence and trust.
Support existing information security best practice for those who undertake risk management activities, for example as part of their ISO 27001 information security certification.