The EU General Data Protection Regulation is now applicable, and many data subject requests have been already sent. But the question about how to identify the data subjects sending requests and be GDPR compliant remains. It's an important question because, obviously personal data needs to be protected, and you need to ensure confidentiality, integrity and availability more than ever. Any data subject access requests made by unauthorized persons will result in a breach. In an article for The Privacy Advisor, Piotr Foitzik, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPM, CIPT, advises on how to stay out of trouble while maintaining compliance with the GDPR’s DSAR requirements.
If you want to comment on this post, you need to login.