The U.K. Information Commissioner's Office published guidance on responding to subject access requests. The ICO said businesses and employers risk fines or reprimands for compliance failures, but ICO Policy Group Manager Elanor McCombe said many employers misunderstand the requests or underestimate their importance. "It's important not to get caught out," she said, adding the guidance is intended to help employers respond to SAR's "in a proper and timely manner, and to ensure that employees are able to access their personal data when desired."
ICO issues guidance on subject access requests
Related stories
Notes from the IAPP Canada: Ontario IPC shares enforcement philosophy with law students
Notes from the IAPP Europe: Wrapping up November with the IAPP DPC
Ireland's DPC details legitimate interest prong of its LinkedIn enforcement action
What the new European Commission could mean for digital regulation
IAPP DPC 2024: Reynders discusses GDPR enforcement harmonization, adequacy developments
