Aimee Brown

In this episode of InfoSec Insider – Talk DP, Rachael Salter and Aimee Brown, both Consultants at URM, explore individuals’ rights under the GDPR beyond the right of access (the most widely discussed of the data subject rights), and the requirements and obligations on organisations handling these.  Rachael and Aimee draw upon over 20 years’ combined experience in data protection to discuss:

• The data rights aside from the right of access that tend to unexpectedly consume business resources and why
• The operational risks posed to small and medium-sized enterprises (SMEs) by rights such as erasure, rectification, restriction, portability, and objection
• How SMEs can recognise success in handling these rights without drowning in process complexity
• The common pitfalls that cause unnecessary challenges or regulatory difficulties when dealing with these rights
• How, in real-world terms, businesses can balance customer empowerment through data rights with maintaining smooth, cost-effective operations.

In this episode of InfoSec Insider – Talk DP, Rachael Salter and Aimee Brown, both Data Protection Consultants at URM, provide their insights on overcoming data subject access request (DSAR) challenges and how organisations can gain benefits from the fulfilment of DSARs, rather than treating them purely as a business burden.   Rachael and Aimee leverage over 20 years’ combined experience in data protection to discuss:

• Whether DSARs can actually enhance customer trust, or are simply a compliance checkbox exercise for organisations
• How organisations can reframe DSAR handling as an opportunity to improve their data governance
• The hidden costs of DSARs and how you can measure whether those costs bring any tangible benefits
• When it is appropriate to push back on a DSAR as ‘manifestly unfounded’ or ‘excessive’ and how to defend this decision to the regulator
• How to proactively use DSAR data to inform your privacy strategy and customer engagement.