DSAR Getting Started

  • Updated

Data Subject Access Rights (DSARs)

Data Subject Rights are a key topic outlined in many major privacy laws. It is important to have a process in place for responding to these types of requests as they come through. When managing this process, you want to ensure the following: 

  • Legal Compliance: Managing DSARs is a critical component of compliance with data protection regulations such as GDPR, CCPA, and others. Ensure that your workflows and processes are designed to meet these legal standards.

  • Transparency and Trust: Providing a clear and accessible method for data subjects to submit DSARs fosters transparency and trust with your customers. Make sure your intake forms are easy to find and user-friendly.

  • Audit Trail: Osano automatically maintains a detailed audit trail for all DSARs, which can be invaluable for demonstrating compliance during audits or legal inquiries.

  • Automation and Efficiency: Utilize Osano's automation features to streamline the DSAR process, reducing manual effort and minimizing the risk of human error.

Now let's dive into the Osano set up...

 

Getting Started with Data Subject Rights (DSARs) in Osano

To effectively manage Data Subject Rights (DSARs - also known as SRRs [subject right requests] or DSRs [data subject requests]) using Osano, follow these steps:

 

Set Up Your Intake Forms 

1. Log in to Osano and navigate to the Subject Rights section.

2. Select Forms from the dropdown menu.

3. Customize the forms to meet your specific needs by adding or modifying fields as necessary.

 

DSAR Menu - Forms

 

Form Fields

Each DSAR submission form in Osano includes standard and non-standard fields:

    • Email: This field is required as it allows Osano to perform baseline email verification required as the first step to prove the identity of the user in question. 
    • Default Fields: Osano's DSAR forms includes a subset of default fields on each form, however, these fields can be excluded from any/all forms by using the "Exclude this field" option. 
    • Customizable Fields: Osano's DSAR forms provide the ability to add in any number of custom fields based on your organization's needs. These fields should be utilized based on your legal need for identify confirmation when executing data rights. 

 

Configure Your Data Stores and Assign Data Store Owners

  • Go to the Data Stores section in Osano.
  • Set up your data stores by defining the types of data you process and store.
  • Assign data store owners who will be responsible for handling DSARs. This allows for customized workflows and ensures that requests are directed to the appropriate individuals or teams.

 

Review Your Workflow

  • After setting up your forms and data stores, review the workflow to ensure it aligns with your organizational processes and compliance requirements. This includes verifying that DSARs are correctly routed and handled in a timely manner.

 

Embed the Intake Form on Your Website

Once your form is customized, copy the form link or the inline embed code.

Click the 馃敆 icon next to your chosen form to access the form link and embed code or navigate to the form's details and click Embed Code 馃敆.

DSAR - Link Form.png

Once the code is embedded on your website, it will be ready to begin accepting new Subject Rights Requests. 

 

Managing Incoming Data Subject Requests (DSARs)

When a data subject submits a DSAR through the embedded form, the request will automatically appear in the Requests section of the Subject Rights menu in your Osano admin portal. From this section, you can:

  • Verify the Requestor's Identity: Ensure the identity of the requestor is confirmed as part of the DSAR workflow.
  • Process the Request: Follow through with the DSAR in a timely manner, adhering to legal requirements and best practices for data privacy.

For Data Store Owners

If you are a data store owner assigned to handle DSAR activities, any relevant requests will appear in the Action Items section within the Subject Rights area of your Osano admin portal. This ensures you can track and complete your assigned tasks efficiently.