In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we consider the increase in subject access requests (SARs) and other liability issues under GDPR. Recently, the UK Data Protection Authority, the Information Commissioner’s Office (ICO), issued new guidance on handling SARs. The guidance follows responses from organization of all shapes and sizes however and is clearly an indication of what the ICO is thinking. Cordery also took part in the consultation process for this new guidance. Some of the highlights are:

  1. How much have SARs increased?
  2. Why are there excessive requests?
  3. What are the ways companies can slow things down?
  4. Why are 3rd party portals so problematic?
  5. How does big data make all this more difficult?
  6. Are companies looking at data protection in the due diligence phase of M&A?

Check out the Cordery Compliance, client alert on SARs, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.