Efficient and transparent data subject access builds customer loyalty | SC Media
Regulation

Efficient and transparent data subject access builds customer loyalty

March 5, 2021
Today’s columnist, Steve Dickson of Netwrix, says that staying compliant with data privacy regulations like CCPA and GDPR requires storing sensitive data in secure locations. TomRaftery CreativeCommons Credit: CC BY-NC-SA 2.0
  • Reduce the amount of data stored. The more customer data a company holds, the more data it will have to review, redact and disclose to fulfill DSARs. Moreover, GDPR Article 5(1)(e) says that companies cannot keep customer data for longer than they actually need it. Therefore, the company needs to stay transparent about how it uses customer data. Make sure to mention how long the company will store data in consent and don’t keep data longer than needed.
  • Store all sensitive data in designated locations. Identify and store sensitive data in secure locations. This will prove that the company supports the security and integrity of customer data, as required by Article 5(1) of the GDPR. But this practice also helps the company manage DSARs more efficiently. Reduce the scope of systems that the company has to look through to make it easier to find the sensitive data related to customers.
  • Establish efficient methods for completing data searches. Responding to a DSAR requires the company to carry out a reasonable search for the data subject’s personal data. This may mean searching through large amounts of data held in various formats and locations, such as email, word documents, databases, and messages in collaboration tools. Classify and tag all data. This makes the search more accurate and avoids the risk of providing irrelevant data. If possible, automatically search through tags, it will help the team find all the data customers require faster.   
prestitial ad