Data subject requests and DSARs are core functions in modern privacy ops. In this article, we show how to successfully fulfill these requests in compliance with laws like GDPR and CCPA.
The idea that an individual user can compel a company to delete all traces of their data is powerful, but servicing these requests properly requires a well-honed process and a deeper understanding of what is meant by erasure.
When your business receives a data subject request, verifying the identity of the requestor is a key first step. This step-by-step guide takes you through the pros and cons for different methods of subject request identity verification.