There are two factors that make eDiscovery work a daunting task for counsel and litigation support teams – complexity and time constraints. Nowhere is this more apparent than when addressing subject access requests. Under the 1998 Data Protection Act, a subject access request (SAR) must be met within 40 days. While 40 days might seem like a long time on paper, when you have to locate and collect all records across multiple formats, process those records into a review platform, review them and redact privileged information, that window is surprisingly short.
We found the advice shared by Drew Macaulay in a recent article in Lawyer Monthly to be a great source for practical guidance, particularly as rules in Europe are likely to change with the EU Data Protection Regulation—potentially increasing the number of subject access requests being filed. As Macaulay aptly points out in the article “one of the aims of the Regulation is to give individuals easier access to their own data. The burden of complying will inevitably…be shouldered by the organisation [sic] holding that data.”
Macaulay observes that with the minimal fees associated with lodging a SAR and the high volume of complex work for the matter, companies are under tremendous pressure to contain costs and use resources most effectively. He further notes that a combination of the right technology and highly skilled legal personnel can see a matter handled in “just a couple of days.”
Interested in reading more of Macaulay’s advice about how subject access requests can be handled more effectively? You can access the full article here…