“The Nightmare Letter: A Subject Access Request under GDPR” article features an example worst-case scenario (or so) of a Subject Access Request (SAR) under the General Data Protection Regulation (GDPR).
On one hand, the example letter is quite extreme. On the other – it’s quite realistic, especially given the (almost) template.
So, who’s ready for this? And who’s laughing now?
Found via the comments to this Slashdot thread, which is also worth a read.
Lately, I feel like I’m behaving very similar to Steve Ballmer, running around screaming “GDPR! GDPR! GDPR!”.
But I find it to be a huge change for anyone around Europe, and I see it coming into play very soon, and most of the people around me are mostly like “GDPR? What’s that?”.
This article does a lot of good explaining how big of a deal it is. And it doesn’t matter whether you support this or totally against it, I think it will be a huge change for everyone all around. In particularly so – technical people implementing the necessary changes.
- Getting to the GDPR: Four key use cases to jumpstart your efforts, from IBM.
- Preparing for the General Data Protection Regulation (GDPR), from UK’s Information Commissioner’s Office.
- Data protection self assessment toolkit, also from the UK’s ICO.