It seems to happen almost weekly nowadays: another massive brand hit by a data breach, with no real understanding of how or when it happened, or how many people are affected. The media - and the information management community - have been waiting for a GDPR test case since the legislation was first dreamt up. We sat down with Simon Parkinson, COO at Dot Group, to talk data maps, asset registers, subject access requests and other tricks that ought to go some way towards keeping you and your organisation out of the headlines!
Subject Access Requests, or SARs, may not be new - they came in under the Data Protection Act in 1998 - but the recently enforced GDPR goes some distance further, cutting the time given to respond to requests, doing away with application fees and famously, hiking fines up to 4% of turnover or €20 million, whichever is higher.