Introducing Data Mapping
“What PI does my organization process, and where is it stored?” “How...Read Now
December 16, 2021
Data-subject access requests (DSARs) have become a core part of many privacy compliance efforts. Supporting DSARs is a requirement under the EU’s GDPR, and California’s privacy laws indicate that U.S. states are keen to follow its lead.
DSARs allow users to request the information a company has collected about them, as well as how it’s being used, with whom it’s being shared and why. It’s essential to have a system that allows you to fulfill these requests within the timeframe any given law requires. For that, you’d use Osano’s Data Discovery to understand, holistically, what data you have on any given user and where it lives, Osano’s DSAR Management to track requests.
But sometimes, Osano customers need to talk to data subjects about those requests. For example, a company fulfilling a DSAR might need to say to the data subject: "Can you please verify your full name and date of birth? The information you sent doesn't match ours."
Typically, those conversations happen over email. That can be difficult because now you’re operating out of two different portals, your DSAR tool and your email. If a regulator ever wanted an audit, that would mean a lot of detective work to cobble together information between systems. Plus, email communications can be insecure depending on what you’re using. Sending sensitive data related to a DSAR request over email could expose you to risk of a breach and associated fines.
The Secure Messaging Portal gives Osano customers and users one place – a secure place – to send and track messages about DSARs. Every communication is logged in the portal, so audit histories are simple to generate and view.
The ability to securely communicate with your data subjects about their DSAR means you’re more likely to stay in compliance with privacy laws granting users access to their data and more likely to comply with security regulations. Keeping all of your communications in one place ensures an organized, timely response to data subject’s inquiries. It also enables a seamless audit process should a regulator come knocking on your proverbial door.
Osano's Secure Messaging Portal allows you to:
If you are currently on an Osano Enterprise plan, visit the DSAR documentation to learn how to set up and start using the Secure Messaging Portal. If you’re not yet on an Enterprise plan, but would like to learn how the Osano capabilities in this tier can help your business, contact sales.
The Osano staff is a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet. Occasionally, the team writes under the pen name of our mascot, “Penny, the Privacy Pro.”