A Guardian Saints data protection seminar: subject access requests
Getting it right is tough - exploring the challenges of subject access requests in foster care
Since the implementation of the Data Protection Act 2018, Guardian Saints has provided a Data Protection Officer as a service to many fostering agencies. We recently solicited opinion from independent fostering agencies (IFAs) to help shape a series of web-based seminars; ensuring we discuss the issues that have the most impact. Of course, these seminars are not just about looking at problems, our longer-term aim is delivering solutions whether by process, technology, or training. The ultimate aim is to establish a cross sector code of practice, ratified by the Information Commissioner's Office (ICO).
The topic most respondents wanted covered was, unsurprisingly, subject access requests (SARs). These have presented significant challenges since day one of the GDPR and is the area where most who use our services request our support/guidance. The key issues are:
- Exceptions
- Exemptions
- Redactions
- Competent authorities
- Investigations
- Data subject rights
- Third party contracts
This online seminar explores ‘real life experiences’ that providers have faced and how to work better by working smarter. The seminar will be of primary benefit to registered managers, data managers and those who have regular involvement with SARs.
During the seminar you will learn some of the real problems faced by providers and how these issues were managed. Two things are certain; Subject Access Requests are not going to go away, and we can all learn from the experiences of others.
We expect the seminar to last around 45 minutes and have scheduled 30 minutes for Q&A.
Armed with the input raised at the session, we plan to hold a half day workshop in the next few months. Here we will pick over these issues and deliver the outline working practices ways of working that can reduce the impacts SARs have upon your day-to-day activities (this session can be extended should demand require it). The output from this will be to define subject access request standards and formulate a common ‘Code of Practice’ for the fostering sector with associated policies, processes and procedures.
Of course, we will keep everything safely anonymised – we wouldn’t want to cause breach of personal data!
Guardian Saints is a not for profit community interest company founded in 2014 by two parents and a foster carer all with successful careers in cyber security, data protection and compliance within the corporate sector.