DSAR Module

DSAR (Data Subject Access Request) Module

 

Overview

The DSAR module enables organizations to efficiently handle Data Subject Access Requests and other data subject rights requests. It ensures timely response to requests within regulatory deadlines.

 

Key Features

  • Request intake and tracking
  • Identity verification
  • Request type categorization
  • Deadline management
  • Response workflow
  • Communication tracking
  • Request reporting

 

Data Subject Rights

Under GDPR, data subjects have rights to:

  • Access - Obtain copy of their personal data
  • Rectification - Correct inaccurate data
  • Erasure - Request deletion (right to be forgotten)
  • Restriction - Limit processing of their data
  • Portability - Receive data in portable format
  • Object - Object to certain processing
  • Automated Decisions - Not be subject to automated decisions

 

Creating a DSAR

To log a new request:

  1. Navigate to Data Privacy - DSAR
  2. Click Add Request
  3. Fill in request details:
    • Request Type - Type of right being exercised
    • Data Subject - Who is making the request
    • Date Received - When request was received
    • Channel - How request was submitted
    • Description - Request details
  4. Click Submit

 

DSAR Workflow

Standard request handling process:

  1. Receive - Log incoming request
  2. Verify - Verify identity of data subject
  3. Assess - Determine request validity and scope
  4. Collect - Gather relevant data
  5. Review - Review data for exemptions
  6. Respond - Provide response to data subject
  7. Close - Document completion

 

Response Deadlines

Regulatory timeframes:

  • GDPR - 1 month (extendable by 2 months for complex requests)
  • CCPA - 45 days (extendable by 45 days)
  • Local PDP laws may have different requirements

 

Identity Verification

Verify data subject identity:

  • Request identification documents
  • Verify through existing account
  • Security questions
  • Document verification steps

 

Exemptions

Some requests may have exemptions:

  • Third-party data protection
  • Legal privilege
  • Trade secrets
  • Ongoing investigations
  • Manifestly unfounded requests

 

DSAR Reports

Generate request reports:

  • Request volume by type
  • Response time metrics
  • Pending requests
  • Compliance rates

 

Best Practices

  • Tanggapi semua permintaan dengan cepat
  • Dokumentasikan semua tindakan yang diambil
  • Verifikasi identitas sebelum pengungkapan
  • Lacak tenggat waktu dengan cermat
  • Latih staf tentang prosedur penanganan
  • Pertahankan catatan permintaan

Data Privacy

1
Introduction to Data Privacy
2
Privacy Policy Module
3
RoPA Module
4
Consent Management Module
5
DPIA Module
6
DSAR Module