Access Requests - is it Time for you to Simplify?

Access Requests – is it Time for you to Simplify?

subject access requests

Unless you have been hiding under a rock, you will by now be aware of GDPR and a lot of the consequences the new rules may bring about for promoting your business. 

More...

This post isn’t another one of those posts that ramble on about how you ‘need to do something before you fall foul of the GDPR’ - I’m not sure about you, but I feel we are all starting to drown in a sea of advice around these matters. 

There is another aspect of the new rules however which I believe a lot of businesses will find themselves unprepared for and could create some surprises.

SAR

Traditionally, the UK has had 'access to information' regulations in place, but they have been very rarely used by customers as the fee to be paid by the requester usually worked as a barrier. Under the new laws, any person you hold data about can request to know what you are holding on them and how you are planning to use it, incurring no fee in the process.

If your initial reaction to this is ‘no problem, I know exactly where we hold every piece of information about everyone we deal with and can easily stand next to the photocopier, collate and submit the report without any disruption’, then well done. I would think though that a lot more people are in the ‘I’ll deal with it when it comes in’ bracket.

Crystal Ball

I don’t have a crystal ball, so I can’t tell you how the new rules will affect businesses in the UK, but I do have a sneaky suspicion that access requests will become a lot more widespread than people are anticipating. I knew somebody who once worked in a bank and knew the ins-and-outs of complaints departments. He knew that the one surefire way to get things moving around a complaint was to request a report of all the data they held on him. Why? Because the reports were so time-consuming and so hard to pull together that he knew big companies would do anything to get around carrying out that task. And now we can make these requests with no cost!

The things we do know about access requests is that, due to publicity, the general public will be far more aware of what they can ask for from us. I have a sense that one or two large companies will be tested by the media or the government and could be held up as examples if any problems occur, bringing big publicity to the new rules in the process.

As businesses evolve, the spread of programmes being used from CRM’s to spreadsheets to accounting packages grows and grows. Think of the number of places where you or your staff may be holding information about any one of your customers. From my experience, the average business would have to check through 5-6 different programmes and contact several members of staff to ensure they have collated all the information.

The ICO has published a handy checklist of the major points covered by GDPR.

Point number 5 on the list touches on my above ideas and suggests that systems may need to be put in place to deal with access requests more efficiently.

Self Service Myworld

We have had, for quite some time, an add-on to our Business Portal platform that provides you with the ability to remove any issues around access requests by becoming proactive rather than reactive. The feature allows your customers to log on to your portal and see precisely what information you are holding about them. Not only does this remove some of the costs of administration around requests but you also go somewhat towards increasing the perception of your integrity in your customer’s eyes - putting you above your competitors.

I’m here for you to talk to me about how I can help to streamline your business processes. But if you do nothing else, I hope I’ve nudged you into thinking about how you may respond in the future to access requests by your customers - and that it need not be too daunting.

if you found this article even 'slightly' interesting, we would appreciate a tweet

 Insert your tweetable quote/phrase here

Click to Tweet
Please Share Us

imtiaz ahmed

Imtiaz is an enthusiastic and innovative Professional, with over 20 years of experience in the Retail, ERP and CRM business areas in the UK, South Asia and the Middle East. PS. When he’s away from running UnifiedApps, he’s also been known to be a mediocre guitar player.

Chat with us on Facebook
close

Explore CloudworksIT and See for yourself