GDPR privacy law exploited to reveal personal data

GDPR privacy law exploited to reveal personal data

Research has been conducted on how the UK and US-based organisations deal with SAR requests, with one in four companies incorrectly releasing data following a request for information in someone else’s name.

This research is one of the first to test the implementation of the EU’s General Data Protection Regulation (GDPR), which came into force in May 2018. This law shortened the time organisations have to respond to data requests, added new types of information they have to provide, and increased the potential penalty for non-compliance; most importantly, set stipulations on validating requests which are crucial for disclosure processes. 

 

Find similar posts