General Data Protection Regulation (“GDPR”) grants a Data Subject the right to access their Personal Data from a Data Controller or Processor. Failure to respond to a DSAR in a timely manner may result in fines. On the other hand, disclosing a third party’s Personal Data, or privileged, confidential, or business sensitive material can be harmful to business interests and may be considered a data breach.
COVID-19’s impact on the global economy is causing many organisations to mitigate losses through reductions in their labour forces. This may result in a flood of DSARs.