Three-quarters (75%) of UK data protection officers (DPOs) anticipate the Covid-19 lockdown will cause difficulties in meeting data compliance obligations, potentially leading to large fines, according to a study by Guardum.
In the survey, 72% of DSOs expect a backlog of data subject access requests (DSARs) upon returning to the office, while 3% are concerned there will be a “mountain” of DSARs to complete when they go back.
Additionally, 30% of DPOs believe there will be a massive increase in DSARs over the next six months. Furloughed or laid off employees during the pandemic will be a major driver of this growth according to 73% of respondents, while one in five said it will be the biggest single factor.
Under GDPR rules, if requested, organizations must provide data subjects with a copy of their personal data within 30 days or face the prospect of a maximum fine of up to €20 million or 4% of turnover from the Information Commissioners Office (ICO).
The findings suggest that HR personnel will face substantial data compliance challenges once the UK government’s furlough scheme ends in October. Under the scheme, the government pays a portion of the wages of employees who would otherwise lose their jobs during the crisis. It is expected that as the scheme is wound down, however, many of these workers will be made redundant.
Rob Westmacott, co-founder of Guardum, commented: “HR personnel will soon find themselves at the sharp end in dealing with large DSAR volumes raised by disgruntled former employees. If DSAR volumes reach the record levels DPOs expect then firms will struggle to meet their 30-day turn-around obligations using conventional manual processes.
“DSAR requests can be time consuming and costly: maintaining the privacy of any third parties means that the process of redaction will become impossible to manage effectively without some form of automation.”
The report also found that 46% of all DSARs received by mid to large-sized organisations are from employees or contractors, while one-third (33%) comes through legal representation, with ex-employees making up 15% of this portion.
We’re Team Metalogic, an IT support provider offering outsourced managed services to SME’s across the UK. With a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.
Our stress-free solutions don’t complicate things, in fact, they improve efficiency and save money.
News source: https://www.infosecurity-magazine.com/
Share this page
Joshua joined the team last year as Service Desk Engineer and since joining us he’s gone from strength to strength within the company. At Team Metalogic we are committed to helping our colleagues grow and develop in order to excel in their careers, and Joshua is no exception.
HIPAA is short for the Health Insurance Portability and Accountability Act. It’s a federal law in the US, creating national standards for protecting sensitive patient health information.
Protecting your data is crucial: any data lost or attacked compromises you and your organisation. Cyber security is the practice of defending your IT and telecommunications from any malicious attacks.
Passwordless authentication is any way in which a user’s identity can be verified without the need for a password.