Select Page

Significant Increase in DSAR Requests Post-Pandemic

Author: Tim Steele
DSAR requests on the horizon
DSAR processing is more difficult when the data necessary to fulfill the requirements is out of reach.

30% believe there will be a significant increase in DSAR requests when the pandemic lockdown ends

Data Privacy & the Data Dilemma

Data privacy laws dictate strict rules for reporting and processing Data Subject Access Requests (DSAR’s). Failing to respond to a DSAR can lead to significant financial penalties. The dilemma is the data itself – on one hand, it’s the cause of angst, and on the other, it’s the solution to the problem.

The problems start with inability to access the data internally, judging by DSARs and the impact of COVID-19, a study from compliance firm Guardum, conducted by Sapio Research. And of the companies polled, 30% believe there will be a massive increase in DSAR requests when the pandemic lockdown ends.

Ray Schultz (Email Insider)

The issue is made more complex by the nature of unstructured data. Unstructured data represents 80% of all data, it increases 100% every eighteen (18) months, and most of it is Redundant, Obsolete or Trivial (“ROT“).

Significant increase in DSAR requests - compliance

According to Egress, only 30% of companies are compliant. Only another 27% had plans for 2020. A recent ZyLAB survey finds that for 45.4% of those implementing the DSAR solution, the biggest challenge is future compliance.

Data Breach Responses Pose the Same Challenges

Data breaches have equally strict reporting requirements. Breaches must be reported within a definitive time frame, detailed records retained, and subjects whose data was breached must be informed in a timely manner. Data breach responses require the same insight into data for responsiveness.

Compliance & Solving For the Data Dilemma

Data privacy is the law, it is challenging, and non-compliance is not an option. Complying with data privacy laws depends on the ability to identify relevant data quickly, cost effectively and process requests within legal guidelines.

The first hurdle is to surgically locate relevant data and personally identifiable information (PII) across all data repositories – fast. The cost of a single DSAR request can be punitive. For example, Oxford University had to process over 500,000 emails to respond to one DSAR, costing upwards of $150,000. Additional steps include:

  • Redacting all personally identifiable information
  • De-duplicating relevant data for reporting accuracy
  • Enriching non-searchable data for further search
  • Analyzing, classifying, and organizing information for review
  • Tracking and reporting for audit trail

The combined technologies of Heureka and ZyLAB ONE enable searching, indexing, and classifying large clusters of endpoints and file shares – fast. Functions may be centralized or distributed for better performance and scalability. Search parameters include Boolean, quorum search, wild cards and fuzzy matching, complex regular expressions, parsing and tokenization.

Best-of-Breed DSAR Response & Management

DSAR workflow is fixed, predictable, must be managed, and ArkCase provides best-of-breed DSAR case management.

The ArkCase Data Request Management module is a fully functional DSAR solution out of the box. Editing forms and workflows use drag-and-drop technology so staff can easily verify and adapt the functionality to their specific needs. ArkCase provides standard – but customizable – request forms, workflow solutions, and is easily deployed to comply with data storage and security regulations.

Significant increase in DSAR requests - better economics

Heureka, ZyLAB and ArkCase round out a comprehensive, scalable, responsive, and best-of-breed DSAR management. The integration of our platforms reduces spend by as much as 60% compared to manual processing. Users have immediate access to data, document review, redaction and real-time status. Better economics.

Significant Increase in DSAR Requests