An app that simplifies Subject Access Requests (SARs) for smaller businesses has just been launched by Consilium Systems.
The company, based at the University of Central Lancashire in Preston, created Aditum to help businesses avoid potentially huge fines for breaches of SAR rules under GDPR, brought in last May.
The Right to Access – for individuals to receive a copy of their data being held by a company – has an administrative impact on all businesses. There is also a time constraint involved: after a request has been received, the company has just one month to respond.
“We realised that many companies, especially sole traders and micro-businesses, didn’t necessarily have their own Data Protection Specialists. Nor might they have the time or resources to cope with SARs,” explained Consilium’s Gillian Havelock.
“Under GDPR, these requests are now on the increase. So, using our task management and workflow experience, we created an app to make managing and tracking requests easy while providing automation and a secure encrypted portal for the transfer of the data to the requester.”
Each business subscribing has its own branded portal. Requests are submitted through a webform that collects as much data as possible to help with identification. Tasks are then automatically generated to ensure that ICO (Information Commissioner’s Office) requirements are met in the right time-frame.
“Most apps are aimed at larger businesses but these will invariably have their own specialist Data Protection Officers anyway,” added Gillian. The fine of 4 per cent of annual turnover for each request missed could potentially ruin a small business.
“We have just launched the app at the Leigh Business Expo and it was very well-received,” stated Gillian. “However, we were amazed at how many small companies just didn’t realise the short deadline for SARs or the possible consequences involved.”
* For more information about Aditum go to https://aditum.co.uk