This article is published in collaboration with our key partner, Basico P/S.
Companies across Europe are getting ready to handle requests for personal data from customers and employees. But in many cases, it becomes a major time-consuming project to receive and process these requests. The biggest challenge is that you cannot prepare yourself for how many requests your business will receive. And as it is generally more demanding for your business to process a request than it is for customers and employees to make one, it can result in large amounts of queries.
Fortunately, there are tools that can help easily and efficiently, and where the number of systems and receiving requests does not matter to anybody. In addition, these tools process systematic and consistent queries faster than regular employees, as you can enable them to retrieve all data on a request, organize, and deliver in a folder or mail it to the recipient.
This tool is RPA software. RPA stands for Robotics Process Automation and is quite a simple concept: The robot can automate regular and systematic processes through a Windows user's own computer or virtual machine on a server. The robot software simply retrieves the systems from which it should retrieve data, executes the personal data request, and then stores data the way you set it up to be stored. Simply, an automation of the way an employee would handle an insight request.
The software, Foxtrot RPA which, besides being able to solve the challenges with GDPR insights, is also easy to learn for the common user, which means that you can optimize and support the solution. Similarly, when not in progress, the robot is able to handle several other processes within the company. It can therefore be productive – also outside the GDPR-project.
Therefore: Make your GDPR-project a returnable investment by acquiring a good and user-friendly RPA solution that does your hard work for you.
There are several considerations you should do, before you can prepare a process for handling insight requests:
How many insight requests do you expect to receive?
How many IT systems should you collect information from?
Can information be sought across IT systems and mails?
In what format should the inquiries be answered?
Who should handle the insight requests?
How do you ensure that all insight requests end the same place to comply with the deadline for reply?
Should an email address for receiving insights be created?
Should there be standard response in connection with:
Request for clarification of the query? Message about expected processing time?
Handing in information?
Refusal of insight?
How do you ensure that the answers to the insight requests can be documented?