Financial Services Company – organising GDPR and Subject Access Request processes

With the upcoming GDPR enhancement on Data Protection, due on the 25th May, a loans company contacted The Robot Exchange to help streamline their current processes for Subject Access Requests. As background, the ability for customers or data subjects an organisation stores or processes has changed from the original handwritten request that the company has 42 days to respond to, the ability for data subjects to request in any manner (Twitter, FB, E-mail, Phone or written). In addition, the company now needs to respond to these requests as quickly as they can, rather than 42 days!

Looking at the whole GDPR process The Robot Exchange built a number of robots to assist;
 

SAR

SAR Robot – A number of robots that “listened” to both E-mail and Twitter/Facebook to identify a Subject Access Request forwarding to Compliance to confirm identity

SEARCH

After identity confirmed Search robot logs into all source systems and identifies relevant data

AUTH

All data is moved to a confidential folder for authorisation that data is relevant and applies relating to the GDPR process

DELETE/MOVE

Once approved, a Robot deletes all references (if requested and approved) or moves to a new processor

Have an idea or process we can help you with?

We can work with you to streamline your automated processes with both pre-written and custom Robots.