BarbriSFCourseDetails

Course Details

This CLE webinar will provide a high-level overview of data subject access requests (DSARs). The panel will explain what a DSAR is and isn't, outline the purpose and key components of a DSAR, give examples of common DSAR requests, and provide tips for navigating compliance under the ever-evolving data privacy legal framework.

Faculty

Description

A right to access personal information an organization collects about an individual is a primary feature of major data privacy laws. DSARs give individuals the right to discover data an organization has on them, why the organization has the data, and how the organization shares that information with third parties. Data may include everything from email addresses and phone numbers to tracking scripts and cookies. 

Counsel must know how to recognize an access request, what the process is for responding to one, and special issues to keep in mind with certain types of data. Business counsel should also understand the compliance timeframe required by data privacy regulations.

Counsel will help establish the means of improving DSAR compliance by purging unnecessary data, creating written procedures for access requests, and leveraging technology to respond to requests cost effectively. Establishing these processes is necessary to avoid potentially onerous fines for violating data privacy regulations.

Listen as our expert panel reviews common DSARs and addresses best practices for complying with applicable data privacy laws. 

Outline

I. Overview: understanding what a DSAR is and isn't

II. Examples of common DSAR requests

III. Legal and regulatory framework governing DSARs

A. EU's General Data Protection Regulation (GDPR)

B. California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

C. Other state privacy laws: common themes regarding DSARs and key differences

IV. Penalties and enforcement

V. Key concepts for advising clients and spotting issues

VI. Assessing, planning, and preparing for common situations

VII. Creating effective policies and protocols

Benefits

The panel will review these and other key considerations:

  • What is the typical process for an individual to make a DSAR with an organization?
  • How long does an organization have to comply with a DSAR?
  • How should an organization respond to a DSAR request and how much information does the organization need to provide?
  • What are special issues and considerations to keep in mind?
  • What steps can organizations take to prepare for DSARs to ensure compliance with applicable data privacy laws?