A data subject access request (DSAR) is a request submitted by an individual (data subject) to an organization to acquire the information collected and stored about them to verify the lawfulness of the processing.
A data subject can also ask for specific actions to be taken with regard to that data. For instance, they may request the deletion or correction of information, receive information on the data safeguards provided by the organization or opt out of future data collection.
Data subject access requests are a part of the data subject rights provided by the EU’s GDPR, California’s CCPA and many other privacy laws around the world.
DSARs give consumers unprecedented control over the personal information that organizations store. An organization served with a DSAR is legally obligated to fulfill these requests within a limited timeframe to avoid non-compliance.
Data subject access request
-
PHI and PII: How they impact HIPAA compliance and your marketing strategy
Personally identifiable information (PII) and protected health information (PHI) may seem similar. However, there are critical distinctions between the two. While PII is a catch-all term for any information that can be associated with an individual, PHI applies specifically to HIPAA-covered entities dealing with identifiable patient information. Keeping HIPAA compliant and protecting patient information requires…
-
How can healthcare organizations benefit from using a customer data platform (CDP)
Like many industries, healthcare has been undergoing significant change and is under immense pressure. Patients expect personalized healthcare experiences, but are increasingly aware of their privacy rights and demand that their data is safe and not misused. Healthcare providers have been seeking ways to connect, scale, and leverage customer data more effectively to meet consumers’…
Other definitions
Recent posts from Piwik PRO blog
- PHI and PII: How they impact HIPAA compliance and your marketing strategy
- How can healthcare organizations benefit from using a customer data platform (CDP)
- EU-US data transfers uncertainties: How an EU-based analytics platform can improve your marketing performance
- HIPAA, marketing and advertising: How to run compliant campaigns in healthcare
- Norwegian DPA warns against EU-US data transfers – what it means for your website analytics
- 25 years of digital analytics with Brian Clifton: The real challenge for the future is to make sense of data
- Is Google Analytics HIPAA-compliant?
- Everything you need to know about the New York Health Information Privacy Act (NYHIPA)