DSARs for Employers
The receipt of a Data Subject Access Request (DSAR) from an employee or ex-employee can provide significant challenges for any business.
With only one month to meet your legal obligations to evaluate a potentially enormous quantity of emails and other digital records, it’s not uncommon for an organisation to feel somewhat overwhelmed.
How Loch Associates Group can help
Our dedicated DSAR specialists at Loch Associates Group have extensive experience dealing with data protection legislation, and can provide the necessary guidance and assistance to ensure you comply with a Data Subject Access Request.
In order to help minimise the time, stress and any disruption to your business, we can:
- Review all the necessary documents, messages and records
- Determine what personal data needs to be disclosed
- Redact sensitive information that’s not pertinent to the DSAR request•
- Take care of the entire process for you
With our expertise in data protection law, we can also minimise your costs and legalities. This ensures that the handling of your DSAR request is not just fully compliant, but also cost effective.
Protecting your business and your data:
Would you like a call back from an expert?
By submitting this form you are providing us with your personal information. We take great care to look after your personal data safely and securely. You can read full details in our Privacy Information
Enquire now on 0203 667 5400
Our experts are waiting to talk with you and our aim is to respond to all enquiries within 2 hours.
Our award-winning team
Should I handle a Data Subject Access Request in-house?
Loch Law
Testimonials
Responding to a DSAR
Responding to a DSAR will usually comprise:
- Verifying the identity of the individual making the request and ensuring that the business does not share personal data with the wrong person
- Confirming the existence of personal data that is held and processed by the organisation
- Providing descriptions of this data, the reasons for its processing and whether it is to be shared with any other entities
Producing copies of any and all information that comprises the personal data - Disclosing the source(s) of the personal data, where applicable and available
Data released in response to a DSAR cannot contain sensitive personal information about other individuals than the originator of the request, and so all records released must be processed to redact data that should not be shared. If the Data Subject Access Request is fulfilled incorrectly and the wrong records are released, the individual behind the request can use this against the organisation and file a complaint with the ICO.