The Cardiff City Council has signed an undertaking with the Information Commissioner’s Office (ICO) after a review of the council’s practices found that it was not properly complying with Subject Access Requests (SARs), reports Out-Law.com. The council committed to clearly defining and managing SAR procedures and training staff in them, as well as putting in place “appropriate checks and supervision” to ensure third-party data is handled according to the Data Protection Act. The ICO review stemmed from a complaint stating that after submitting a SAR, the complainant had not received a reply within the 40-day statutory timeframe.
Full Story


If you want to comment on this post, you need to login.