Subject Access Requests and GDPR

Under the previous UK Data Protection Act, you may have already been familiar with the notion of a Subject Access Request (SAR) and had a defined a process for dealing with them.

However, are you aware that the GDPR brings additional rights to individuals?

  • As organisations are no longer able to charge an Administration Fee (with limited exceptions), it is anticipated the implementation of GDPR on 25th May 2018 will result in a dramatic increase in the number of SARs being invoked across the private, public, not-for-profit and charity sectors.
  • Organisations will have to both acknowledge and respond to the SAR as soon as possible and no later than 30 days.

If your organisation does not have a defined process for dealing with SARs, we recommend that you prioritise implementing one as soon as possible and here's why:

  • If organisations fail to comply with SARs, they increase the risk of being reported to the supervisory authority which could incur inspection from the ICO, expose additional non-compliance of the GDPR resulting in potential fines but more importantly reputational damage.

GDPR SAR Management Software

The SAR Management dashboard quickly shows you the progress and status of your current Subject Access Requests and prompts you for the next action at each step.

GDPR SAR Management Software - PYXI for GDPR

PYXI firmly believe that you should not treat the process of responding to SARs as a hindrance, but you should actually build this into your customer service activities as a competitive differentiator to build trust, drive customer loyalty and protect the reputation of your brand.

PYXI for GDPR provides organisations with a simple and efficient solution for managing the SAR process.

Sign up for PYXI for GDPR for £19+VAT per month

More Detail about PYXI Software for GDPR

Keeping Track of Personal Data in your Organisation

Read more about how PYXI stores information about your Personal Data records for Article 30 here: Article 30 Record Keeping

Managing Subject Access Requests

Read about how we help you to manage Subject Access Requests in your organisation: GDPR Subject Access Requests

Managing Data Breaches for GDPR

Read how we help with managing Data Breaches for GDPR: GDPR Data Breach Management