Automation – The holy grail of POPIA data access requests
While many companies have made good strides towards achieving full POPIA compliance, there is not a single company that can claim to be the posterchild for complete compliance.
This is according to OpenText regional vice president in Africa Julie Tregurtha, who was speaking on Business Talk with Michael Avery.
Tregurtha explained that data subject access requests (DSARs) are arguably the biggest challenge keeping privacy management professionals up at night.
“Processes for responding to DSARs have been very manual, slow, and error-prone, often resulting in non-compliance,” said Tregurtha.
In fact, leading research firm Gartner found in a 2019 survey that two thirds of businesses take at least two weeks to respond to a single DSAR and that these are often done manually – costing over R20,000 on average.
“Now imagine you have 100,000 customers and a mere 1% of them ask you for the information you have on them. That’s a cost of R20 million. And that’s not counting the possible fines that could be incurred for non-compliance,” she said.
This is why it is crucial for organisations to invest in solutions that automate the DSAR process – the short-term investment will not only improve POPIA compliance, but will also save you money.
Tregurtha went on to highlight five important elements of a successful DSAR automation:
- Case management – Case management software is crucial so that the request is recorded.
- Digitisation – Not all personal information is in a digital format, so physical information must be digitised to enable automation.
- Information discovery and collection – Implementing a discovery tool will find and collect data in all resources – such as applications, emails, presentations, and physical drives.
- Automated redaction – Certain business-sensitive data should not be included – text analytics tools can automate this process, reducing manual work to a quick review process.
- Secure sharing – When sharing the requested information, this should be done securely.
“Automation is the holy grail when it comes to managing DSARs,” said Tregurtha.
However, she added it is important to remember that it’s not a silver bullet.
“It never stands on its own island – it’s about people, processes, and technology.”
OpenText
OpenText is a leading information management solutions provider and has partnered with Francis Cronje on an eBook that discusses effective POPIA compliance.
Cronje was one of the original experts the government brought in at the inception of the POPIA framework, meaning he offers valuable insight into POPIA compliance.
Click here to fill out a form and download OpenText’s valuable eBook
Loading ...