2nd Edition

Tracking the trends and news for IT and IT Security

Paul

Mature Your Privacy Program with DSAR & Incident Management Automation

cropped-cropped-onetrust-theme-logo-1-270x270.jpgMature Your Privacy Program with DSAR & Incident Management Automation>
One Trust Blog
That said, there are two areas of your privacy program that require immediate action based on todayâs regulations. First, privacy rights requests (DSARs) that enable consumers to exercise a privacy request in regard to their personal data, such as access, deletion, or rectification. Second, incident management processes to assess and mitigate data incidents that involve personal data as a result of unauthorized access or activity.

Step 1: Establish Effective Intake Methods for DSARs & Incidents Regardless of their current volume of requests, all privacy teams should create a system that centralizes DSAR intake management. This could look like a web form, landing page, or survey. In any case, all intake requests must flow into one location for efficient processing.

Any request that falls through the cracks presents a risk of non-compliance, so itâs important to build a system that helps mitigate this risk.

Incident Intake Methods To protect the process, organizations must provide a secure intranet that collects the necessary information to take action. The intake forms should be configurable to the incident type and align with requirements set by governing bodies.

Step 2: Create a Structure for Responses Creating a structure for responses will also shorten the timeline for DSAR and incident management. While most organizations already have workflows in place, these often rely on manual tasks that increase the overall timeline and leave room for error.

Once a privacy rights request comes in, organizations typically have between 15 to 45 days to respond depending on the jurisdiction in scope. Automating DSAR response management is critical for privacy teams, as theyâre becoming responsible for more DSAR resolutions than ever before. Therefore, itâs important that a robust workflow is in place so that the response to the DSAR request is efficient.

Having robust workflows in place certainly helps to make the response efficient. However, a workflow of complete manual steps risks creating time consuming responses. Which is why most organizations are now looking at what can be done to further automate. No matter how small the incident, privacy teams must complete a full risk assessment before generating a response. This involves creating an incident response protocol that incorporates the right team members from the start. Automation can power several connective steps to hasten incident response. This includes generating guidance based on each jurisdiction involved and streamlining the process of notifying affected individuals.

Step 3: Enhance DSAR & Incident Workflows with Automation Automation
Link: https://www.onetrust.com/blog/dsar-incident-management-automation/

Categories:

Tags: