What is a data subject access request?
A data subject access request (DSAR) is a legal request from a person to an organization, asking for information about the data that the organization holds about them. In Massachusetts, a DSAR is the primary way that an individual can access personal data held by an organization. It is also known as a subject access request (SAR). Under Massachusetts data security law, an individual has the right to make a DSAR to an organization and ask for any information held about them. This includes any data which has been recorded or obtained by any means, such as a computer, paper file, or voice recording. The organization then has 30 days to respond to the DSAR and provide a copy of the requested data. If the organization does not comply, the individual can make a complaint to the Massachusetts Data Protection Authority. The authority can then impose a penalty on the organization if they fail to comply. In addition to providing access to the data, the organization must also provide information about how the data is processed, the purposes for which it is held, and the individuals with whom it is shared. Individuals can also ask that their data be corrected or deleted, as long as this does not conflict with any legal obligations that the organization may have. In summary, a data subject access request is an individual’s legal right to access the personal data held about them by an organization in Massachusetts. The organization must respond within 30 days, providing the individual with the requested data and information about how it is processed.
Related FAQs
What is a privacy policy?What is the California Shine the Light law?
What is the EU’s General Data Protection Regulation (GDPR)?
What are the penalties for not complying with data security laws?
What is the difference between GDPR and the US data protection laws?
What is a data subject access request?
What is the role of a data protection officer (DPO)?
What rights do I have when it comes to data security?
What is a Data Protection Impact Assessment (DPIA)?
What is the scope of HIPAA?
Related Blog Posts
Top 5 Recent Developments in Data Security Law - July 31, 2023Understanding the Impact of Data Security Law on Businesses - August 7, 2023
What is the GDPR and How Does it Apply to Data Security Law? - August 14, 2023
What is the Role of the Federal Government in Regulating Data Security Laws? - August 21, 2023
Are State Data Security Laws Compliant With GDPR Regulations? - August 28, 2023